Panther - Cloud Connected
PantherExternal reviews
40 reviews
from
External reviews are not included in the AWS star rating for the product.
Overall a great SIEM
What do you like best about the product?
Having the scalability and flexibility to create an overall positive user experience
What do you dislike about the product?
The UI is not optimal for my workflow. Having to switch between tabs can be cumbersome
What problems is the product solving and how is that benefiting you?
Having a secure solution in the SIEM space is rare
"Panther is an easy-to-use, scalable SIEM."
What do you like best about the product?
Panther handles high-volume cloud security log streaming. We tested its capacity to process data from various cloud services and found that it worked fine with AWS, OKTA, and G Suite. The product's out-of-the-box alerts and detections were helpful. Panther is built on Snowflake, which helped us quickly make a backend data warehouse. Panther is a scalable SIEM, enabling us to write detection definitions as code and then automatically push those definitions to our Panther deployment. It is a powerful detections-as-code feature that can make a private copy of this repository to manage custom detections. The back end scales as needed, so we no longer manage servers, load balancers, and other infrastructure for our old SIEM.
What do you dislike about the product?
The number of customers is still pretty small, and we'd like to have a bigger group of customers with whom we could share ideas. Since detection as code is new, we'd love an online community or user group to exchange rulesets and discuss best practices. Panther has few native integrations, and ingesting data from some sources can be difficult. It also needs more integrations, finer exclusions and allowlists, and resolution/status options in case management.
What problems is the product solving and how is that benefiting you?
Panther has been a fantastic partner, and their product is truly next-gen. It helped us design a robust detection and incident response program using test-driven development and detection-as-code. We can create powerful detection rules that call REST services, integrate external libraries, and manipulate alerts fluidly. Positive experience overall about Panther's team is responsive, mission-driven, and workable. After watching a Snowflake webinar, we saw a demo, did a POC, and bought it. The product's cloud-first approach has many benefits, which was one of our drivers.
Great for cloud logging, especially AWS
What do you like best about the product?
Panther was a refreshing change for our team. We got out of spending time managing servers and infrastructure. We also avoided a lot of costs by moving away from an expensive Splunk license. Our favorite capabilities were: 1. streaming of cloud logs into Snowflake 2. Built on snowflake, so was super fast and reliable. 3 serverless - so easy! 4. easy detections as code in realtime using python.
What do you dislike about the product?
Product was great at speed and power, but lacked in some usability. This was only an issue during onboarding. Their team supported us and walked us through some of the less intuitive areas, now we love it.
What problems is the product solving and how is that benefiting you?
Lower costs for licenses and infrastructure, much faster performance on queries, now have real-time alerting and detection. Lightening fast streaming of all of our cloud logs.
showing 11 - 13