Knowledge BasePanther.comRelease NotesDemo Request
Search…
Overview
Quick Start
Data Sources & Transports
Writing Detections
Cloud Security Scanning
Alert Destinations
Data Analytics
Enrichment
System Configuration
Guides
Help
Panther Developer Workflows
Panther API
Panther Analysis Tool
Managing Detections via CI/CD
GitHub Actions Onboarding Guide
Panther Config SDK (Beta)
Powered By GitBook
Quick Start
Get started with your new Panther account
Get started with Panther by scheduling a demo!
Welcome to Panther!
This guide will walk you through:
  • Your initial login and how to invite other users to your Panther Console
  • Setting up a destination where you will receive alerts
  • Onboarding logs you want to monitor
  • Setting up detections to alert you against common security threats

Overview

Overview Video

Tour video of getting started in the Panther Console

Using Panther

You can manage your account and workflows in the Panther Console or using Panther Developer Workflows.

Panther Console

The Panther Console is Panther's web-based UI where Panther admins manage their account.
Check out the Overview video above or the Panther Product Tour for a preview of the Panther Console.

Panther Developer Workflows

Panther Developer Workflows are non-console workflows you can use to interact with your Panther account, including CI/CD, API, and the Panther Analysis Tool (PAT).

Glossary

Panther's Glossary introduces common cloud-native, security, and Panther-specific terminology. Refer to the Glossary for extra context and clarity on terms found throughout the Documentation site.

Getting Started in Panther

Initial Login

To access your Panther Console, you need an instance. An instance is created when the Panther team provisions your account.
Once your account has been provisioned, you will receive an invitation email from [email protected] with your temporary Panther Console login credentials. If you don't see it, be sure to check your spam folder or reach out to your customer support team.
After the initial console login with the provided credentials, you will need to update your password and set up MFA.

Inviting Users

After you have successfully logged in, you can invite more users to the platform by navigating to Settings > Users. You may also set up SAML integration.
We strongly recommend having at least two users with Admin role set up. This will help your organization regain access to the Panther Console if needed.
It is also recommended to routinely audit the users who have access to your Panther Console.

Alert Destinations

The first recommended step after initial login to the Panther Console is to configure destinations to receive alerts in notification systems such as Slack, PagerDuty, or automation platforms like Tines with a custom webhook. You can quickly set up a destination by following the steps below:
  1. 1.
    In the Panther Console, go to Configure > Alert Destinations.
  2. 2.
    Click +Add your first Destination.
  3. 3.
    Click a destination you would like to configure:
    ​
See Panther's Destinations documentation for configuration steps specific to each service.

Data Onboarding

Next up is to onboard data sources for data normalization, which will also allow you to query the logs in the data lake and perform real-time analysis with Python.
This Quick Start guide provides the general steps required to onboard data. To view instructions for specific integrations, please see the documentation on Data Sources & Transports.

Create a new log source

To start onboarding data, navigate to Configure > Log Sources and click Create New. Here you can choose from a list of services we currently support.
The most common data source methods are ingesting data from an Amazon S3 bucket or directly pulling the logs from a supported SaaS service. For more information on each method, visit the links below:
If the log source you want to ingest is not natively supported yet, visit the Custom Log Types documentation to upload logs and infer a schema.
After following the onboarding steps, your data will begin to be ingested into Panther. Your logs will be checked against the built-in Python detections and will be searchable within the Data Explorer. You can now query Indicator Search for investigations on common indicators for your various data sources.
​

Set Up Detections and Cloud Compliance

Panther comes with built-in detections that alert against common security events and monitoring of cloud infrastructure. Building on these built-in detections is easy; use Panther to create custom detections that address your organizational needs. Use the documentation below to guide you through setting up detections and cloud compliance:

Next Steps: Plan your Panther onboarding

Once you're up and running in the Panther Console, it's time to make the most of everything Panther has to offer. We have created a checklist to help you plan your full onboarding and track feature adoption. This guided checklist, Success Schema: Enable, Configure and Detect with Panther, will walk you through planning and completing your Panther onboarding.
Previous
Overview
Next
Data Sources & Transports
Last modified 24d ago
Copy link
On this page
Overview
Overview Video
Using Panther
Glossary
Getting Started in Panther
Initial Login
Inviting Users
Alert Destinations
Data Onboarding
Set Up Detections and Cloud Compliance
Next Steps: Plan your Panther onboarding