Panther AI

Overview

Panther AI is in open beta starting with Panther version 1.112, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.

Panther AI encompasses a set of generative AI features aimed at speeding up your detection and response workflows.

[ TODO: add more content here describing features, once we have them nailed down ]

There are AI entry points in Panther in the following places:

On the Search page
- See AI event summaries in Search
On the Alerts and alert details pages
- See Using AI alert list and alert event summaries

Use of Panther AI features is subject to the AI disclaimer found on the Legal page.

Enabling Panther AI

To use Panther AI features, your Panther instance's Enable Panther AI setting must be set to ON, and your user role must have the Run Panther AI permission.

The Enable Panther AI setting is set to OFF by default, can only be updated by a user with the Edit Settings & SAML Preferences permission. Find this setting on the Settings > General page, within the Main Information tab:

Once Enable Panther AI is set to ON, the Run Panther AI permission will be:

Granted automatically to the default Admin role
Available to assign to additional roles. Learn how to update a role's permissions here.

If this option is not displayed, reach out to Panther's support team to get invited to the beta

Automated Search summary and alert triage

~~The Search Results and Alert Detail screens have introduced AI functionality that allows an analyst to tap a button in order to get an AI summarization of what is happening.~~

~~From the Search Results screen, simply tap the blue~~ ~~Summarize with AI~~ ~~button.~~

[COPIED TO ALERTS PAGE] ~~From the Alert Detail screen, tap the blue~~ ~~Start Panther AI Triage~~ ~~button.~~

AI prompt settings

Use AI prompt settings to tailor AI-generated content in Panther to your preferences. To set your AI prompt settings:

Navigate to one of the AI entry points in Panther.
Set the response length setting.
Click Save Settings.

AI settings are universally applied to all AI entry points in Panther, but are specific to each Panther user.

Response length

The response length AI setting has three possible values:

Short: Runs quickly and produces a brief summary.
Medium: Elaborates more than Short, but is usually shorter than five paragraphs.
Long: Allows AI to analyze intricately, and can produce very long and informative outputs.

Example response lengths

do we want to provide an event here that the AI summarizes? or provide a prompt the AI answers?

Summarizing the below event (or alert),

{}

we could also use three expandable blocks instead of a table, if the responses are really long

Response length value

Example output

Short

Medium

Long

Citations and fact-checking

When Panther AI aids in triaging or summarizing your data, it will return links to relevant data so you can verify its findings. Citations may include alerts, detections, and/or data queries.

PreviousTrailDiscover (Beta)NextSystem Configuration

Last updated 14 days ago

Was this helpful?