panther v1.5.1 releases: cloud-native SIEM for threat detection, cloud security, and data analytics
What is Panther?
Panther was founded by the core architect of StreamAlert, a cloud-native solution for automated log analysis open-sourced by Airbnb.
Panther is the next step for security teams who need a modern alternative to traditional SIEMs. We designed Panther for massive scale, with a rich and intuitive user experience, in-browser Python rule editing, and first-class AWS support.
Our mission is to provide an open platform to effectively protect businesses from cybersecurity threats.
Panther is a powerful, open-source, cloud-native SIEM designed to be:
- Flexible: Python-based detections and alerting support for PagerDuty, Slack, MS Teams, and more
- Scalable: Built on serverless technologies for cost and operational efficiency at scale
- Fast: Near real-time rules analysis, alerting, and automatic remediation
- Integrated: Analyze both security logs and cloud resources for total visibility
- Automated: Fast and simple deployments with AWS CloudFormation
- Secure: Least-privilege and encrypted infrastructure that you control
Panther’s use-cases include:
- Log Analysis: Centralize and analyze log data with Rules for threats and suspicious activity
- Incident Response: Perform historical queries with SQL over long-term data for analytics, log correlation, and forensics
- Cloud Compliance: Detect misconfigured cloud infrastructure and enforce best practices
- Auto Remediation: Automatically correct non-compliant infrastructure
Panther analyzes all security data generated by your clouds, networks, applications, and hosts to power threat detection, compliance, and security investigations. Panther provides flexible detection logic, a secure deployment within your AWS cloud, support for common security tools, and automation for painless deployments. Common uses include:
- Detect Unauthorized Access: Analyze logs to identify unauthorized access into systems
- Threat Hunting: Quickly search logs for matches against indicators of compromise with Panther’s standardized data fields
- Achieve Compliance: Use built-in detections as controls for SOC/PCI/HIPAA compliance
- Secure Your Cloud Resources: Automatically fix misconfigurations that could cause severe damage if exploited
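To make the "Python-based detections" concrete, here is an added example of a Panther-style detection rule, written for this page rather than taken from the Panther project. It assumes Panther's documented rule interface (a `rule(event)` function returning a bool and a `title(event)` function returning the alert title); the `evaluate` helper and the CloudTrail-shaped events are constructed for local testing, and the account ID in the ARNs is a placeholder.

```python
# Added example, not code from the Panther project. Panther rules expose
# rule(event) -> bool and title(event) -> str; that interface is assumed here.
# The events below are constructed samples shaped like CloudTrail ConsoleLogin records.

def rule(event):
    """Fire on a successful AWS console login that did not use MFA."""
    if event.get("eventName") != "ConsoleLogin":
        return False
    if event.get("responseElements", {}).get("ConsoleLogin") != "Success":
        return False
    # MFAUsed is "Yes" or "No"; a missing field is treated as no MFA.
    return event.get("additionalEventData", {}).get("MFAUsed") != "Yes"

def title(event):
    """Alert title; Panther groups alerts that share a title."""
    user = event.get("userIdentity", {}).get("arn", "<unknown principal>")
    return f"AWS console login without MFA by {user}"

def evaluate(events):
    """Local test helper (not part of Panther): titles of events the rule matches."""
    return [title(e) for e in events if rule(e)]

# Constructed sample events (not real log data); 123456789012 is a placeholder account.
SAMPLE_EVENTS = [
    {   # root login with MFA: must not alert
        "eventName": "ConsoleLogin",
        "userIdentity": {"arn": "arn:aws:iam::123456789012:root"},
        "responseElements": {"ConsoleLogin": "Success"},
        "additionalEventData": {"MFAUsed": "Yes"},
    },
    {   # IAM user login without MFA: should alert
        "eventName": "ConsoleLogin",
        "userIdentity": {"arn": "arn:aws:iam::123456789012:user/alice"},
        "responseElements": {"ConsoleLogin": "Success"},
        "additionalEventData": {"MFAUsed": "No"},
    },
    {   # failed login attempt: outside this rule's scope
        "eventName": "ConsoleLogin",
        "userIdentity": {"arn": "arn:aws:iam::123456789012:user/bob"},
        "responseElements": {"ConsoleLogin": "Failure"},
        "additionalEventData": {"MFAUsed": "No"},
    },
]

if __name__ == "__main__":
    for alert in evaluate(SAMPLE_EVENTS):
        print(alert)
```

In a real deployment the same two functions are all Panther needs; the batch helper and sample events only exist so the logic can be unit-tested before the rule is uploaded.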
This is a quick patch to fix a number of bugs identified in the last release:
- Fix rollback when upgrading deployments with GuardDuty enabled
- Remove excessive “missing accountID” errors logged by the Cloud Security scanner
- Fix an issue where paginating the events of an alert would occasionally cause a crash
- [Enterprise] Fix sources page when an Okta integration is present
Copyright (C) 2020 panther-labs