Sold by: Panther
Deployed on AWS
Panther is a modern Security Information and Event Management (SIEM) tool that solves the challenges of security operations at scale.
Overview
Note: Listing is specific to Panther's Cloud Connected deployment model, which requires the customer to own AWS and Snowflake infrastructure and associated costs. For custom pricing, SaaS deployment options, EULA, private contract, or private offers please contact sales@panther.com .
The shift to the cloud has resulted in an explosion of data that security teams need to collect, analyze, and retain to detect threats. However, traditional security monitoring tools were never built with cloud-scale in mind and cannot meet the demands of today's modern workloads. Panther is an AWS cloud-native threat detection platform that transforms terabytes of raw logs per day into a structured security data lake to power real-time detection, swift incident response, and thorough investigations.
With detection-as-code in Python and out-of-the-box integrations for critical log sources including S3, CloudTrail, VPC Flow Logs and more - Panther solves the challenges of security operations at scale.
Highlights
- Detect threats immediately by analyzing logs as soon as they are ingested, giving you the fastest possible time to detection.
- Answer security questions quickly with the ability to immediately query months of data in minutes and efficiently search for IoCs across all logs.
- Reduce SIEM costs dramatically while gaining lightning-fast query speeds, with an efficient, highly scalable data lake architecture.
Details
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Panther - 1TB/Month | Panther Cloud Connected - 1TB of Monthly Ingestion - 1 Year Data Retention | $50,000.00 |
Dimension | Cost/unit |
|---|---|
Details of overage can be found in EULA | $1.00 |
Vendor refund policy
Please reference EULA for refund policy
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Panther support has been continuously praised by customers. See the SLA's page attached for further insight. support@panther.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Tailored detection engineering services to create customized, specific detections to trigger on logs in a given schema or data format within your Panther instance.
1Password Business
By Ibexlabs
1Password takes the guesswork out of logins, shadow IT, and infrastructure secrets so you can keep your people safe and your business moving.
1Password Business
By 1Password
1Password takes the guesswork out of logins, shadow IT, and infrastructure secrets so you can keep your people safe and your business moving.
Luminate Completed Films Dataset (Hackathon Eligible)
By Luminate Film & TV
Luminate's Completed Films dataset includes over 31,000 titles for feature length films that have been released in the US from 1960 to present. A completed/released film is defined as a film that has reached its US release date. A film with a release date that hasn’t passed is still listed under development.
Customer reviews
Information Technology and Services
Great SIEM With Lots of Out of the Box Detections
Reviewed on May 15, 2025
Review provided by G2
What do you like best about the product?
One of the things I like most about Panther is it's Python based detection rules. It easy to start with simple rule writing, but moving to writing more complex rules using Python is a breeze.
What do you dislike about the product?
As someone responsible for triaging alerts, I’ve found the UI a bit cumbersome—it’s missing some key quality-of-life features that would streamline triaging alerts. Integrating it with automation systems could unlock a lot of value to ease some of this.
What problems is the product solving and how is that benefiting you?
Panther handles log ingestion and normalization across cloud infrastructure without needing a heavy ELK stack or complex data plumbing. Panther makes it easier to focus on writing detections rather than operating a log ingestion infrastructure.
Leave a comment0 comments
Marketing and Advertising
Great for Writing Detections
Reviewed on May 08, 2025
Review provided by G2
What do you like best about the product?
Writing detections in Python is super nice.
Being able to throw an indicator such as an IP address or username into Panther and having it search everywhere is convenient.
Being able to throw an indicator such as an IP address or username into Panther and having it search everywhere is convenient.
What do you dislike about the product?
When we make customizations to detection rules, it often causes merge conflicts when syncing from the upstream panther-analysis repo.
Custom SQL queries are often slow (on the order of 10 minutes).
Custom SQL queries are often slow (on the order of 10 minutes).
What problems is the product solving and how is that benefiting you?
Having our security relevant logs in one place where we can customize alerting and easily search during manual investigations.
Information Technology and Services
SaaS Security Operations
Reviewed on May 05, 2025
Review provided by G2
What do you like best about the product?
We've been using Panther for nearly two years, and it's been a fantastic experience. Their commercial team has been consistently fair and transparent, which made the onboarding process smooth and the long-term relationship easy to manage.
Support-wise, Panther has been exceptional — fast, knowledgeable, and genuinely helpful whenever we’ve needed them. What’s impressed us most, though, is the platform’s rapid evolution. Since we joined, Panther has rolled out a steady stream of valuable features and native integrations, showing their strong commitment to innovation and customer needs.
Panther has become a key part of our security stack, and we’re excited to see how the platform continues to grow.
Support-wise, Panther has been exceptional — fast, knowledgeable, and genuinely helpful whenever we’ve needed them. What’s impressed us most, though, is the platform’s rapid evolution. Since we joined, Panther has rolled out a steady stream of valuable features and native integrations, showing their strong commitment to innovation and customer needs.
Panther has become a key part of our security stack, and we’re excited to see how the platform continues to grow.
What do you dislike about the product?
We work with external consultants who are more familiar with traditional SIEM platforms, so there was a brief adjustment period for them when adapting to Panther’s approach. That said, once they understood the architecture and workflows, things went smoothly. Beyond that, there's very little to dislike — Panther has consistently delivered on both functionality and support.
What problems is the product solving and how is that benefiting you?
Panther solves our core needs around log aggregation, monitoring, and detection. It provides a scalable and efficient way to manage security events across our cloud infrastructure, with flexibility that fits our engineering-driven workflows. This has helped us streamline threat detection and response while keeping costs predictable.
Michael K.
Panther: Easy, Capable, and Constantly Innovating
Reviewed on May 01, 2025
Review provided by G2
What do you like best about the product?
Panther is easy to use and easy to maintain. Between the constant UI and feature improvements (dashboards, correlation detections, log manipulation, etc.) and the support we get from our Panther team, I feel like there are little to no hurdles for implementing the use cases we come up with.
What do you dislike about the product?
The biggest downside to Panther is probably the immaturity of their dashboard feature (and in fairness, it _is_ in beta). Basic visualization and graphing is easy, but doing more complex analysis and charting still needs some love.
What problems is the product solving and how is that benefiting you?
Panther is our one-stop-shop for ingesting any of our security logs. We have a need to ensure that new logs are easily ingested and quickly turned into alerting. Panther allows us to set up new ingest endpoints in minutes, allowing integration of non-standard logs without having to architect and engineer an entire ingest pipeline. The ability to quickly infer log structure and mask sensitive data is great, and the resulting logs are easily searchable in a number of different ways (simple text searching, SQL, PantherFlow).
Brooks B.
Panther AI + Python = Next-Level Detection Engineering
Reviewed on Apr 30, 2025
Review provided by G2
What do you like best about the product?
Panther's new AI is a massive time-saver, it instantly pulls the right fields from complex JSON logs. The AI saves me time parsing JSON and more time for responding. The Python-based alerting is a major win too. Writing detection logic feels like proper software development: it's clean, flexible, and testable. The alert testing feature is especially powerful. No more guessing if your logic will work in production. Custom lookup tables to map things like GitHub usernames to employees, or AWS accounts to Terraform workspace, which adds powerful context to our alerts. Implementation and integration was fast and straightforward, easy to add custom features. Their customer support is exceptional — they added a feature the very next day after our request. We use Panther every single day across the team to save hours vs. our old SIEM.
What do you dislike about the product?
The core platform is strong, but a few things could be smoother. Some UI elements still feel a bit early-stage./ More out-of-the-box templates or integration options would really level up the experience.
What problems is the product solving and how is that benefiting you?
Panther helps us move fast without breaking things. We’re reducing false positives, accelerating investigations, and building high-quality detections with real engineering discipline. It’s replaced our legacy SIEM with something that feels purpose-built for modern cloud security teams.