Panther AI (Beta)
Last updated
Was this helpful?
Last updated
Was this helpful?
Panther AI encompasses a set of generative AI features aimed at speeding up your detection and response workflows.
Use Panther AI in the Panther Console to aid in triaging alerts—learn more in . There are also AI GraphQL API operations available to customers—view them in the .
To enable Panther AI:
In the upper-right corner of your Panther Console, click the gear icon (Settings) > General.
Once Enable Panther AI is set to ON, the Run Panther AI permission will be:
Claude 3.5 Sonnet v1 (anthropic.claude-3-5-sonnet-20240620-v1:0)
Claude 3.5 Sonnet v2 (anthropic.claude-3-5-sonnet-20241022-v2:0)
Claude 3.7 Sonnet v1 (anthropic.claude-3-7-sonnet-20250219-v1:0)
Claude 3.5 Haiku v1 (anthropic.claude-3-5-haiku-20241022-v1:0)
Panther AI assumes the role and associated permissions of the user running it—i.e., the user logged into the Console where AI operations are being run, or the user executing AI-related API calls.
When Panther AI aids in triaging or summarizing your data, it will return links to relevant data so you can verify its findings. Citations may include alerts, detections, and/or data queries.
Use of Panther AI features is subject to the .
To use Panther AI features, your Panther instance's Enable Panther AI setting must be set to ON and your user role must have the Run Panther AI permission. If you have a Panther instance, you must also enable certain AI models in AWS.
On the , click the Enable Panther AI toggle to ON.
The Enable Panther AI setting is set to OFF by default, and can only be updated by a user with the Edit Settings & SAML Preferences permission.
Granted automatically to the Admin role.
Available to assign to additional roles. .
If you have a Panther instance, follow the instructions on the AWS documentation to request access to the following in the region your Panther instance is deployed in:
This means Panther AI will not perform read or write operations the current user could not perform themselves. This includes , if set for that user role.
