Knowledge Base Community Release Notes Request Demo

Overview

Panther is a cloud-native, code-driven detection and response platform

Panther is a cloud-native SIEM featuring detections-as-code and advanced search, with a number of natively supported log sources and alert destinations. Ingest terabytes of security events per day into a structured data lake in Panther to power real-time detections and investigations.

A diagram showing how Panther works: It ingests, parses, and normalizes security logs, detects anomalies with rules, then alerts your team of suspicious activity. At the bottom of the diagram is a "Long-term retention" box, showing that data is stored in Snowflake and queryable.

Explore Panther features

Cover

Start using Panther

Onboarding Guide

Cover

Data ingestion

Supported Log Sources

Custom Log Sources

Ingestion Filters

Cover

Detections

Simple Detections

Python Detections

Derived Detections

Panther-managed Detections

Cover

Alerts

Alert Destinations

AI Alert Triage

Assigning and Managing Alerts

Cover

Investigations

Standard Fields

Saved & Scheduled Searches

Cover

Data enrichment

Custom Lookup Tables

Identity Provider Profiles

Enrichment Providers

Cover

Developer tools

Panther Analysis Tool

CI/CD for Panther Content

Converting Sigma Rules

Get started

Want to learn more about Panther? Visit our website.
Interested in a demo? Fill out this form.
Have a brand-new Panther account? Check out Quick Start.
Ready to start detecting threats? Follow the Onboarding Guide.

NextQuick Start

Last updated 3 months ago

Was this helpful?