
Reviews from AWS customer

0 AWS reviews
  • 5 star: 0
  • 4 star: 0
  • 3 star: 0
  • 2 star: 0
  • 1 star: 0

External reviews

33 reviews

External reviews are not included in the AWS star rating for the product.


    Vinicius F.

Top technology in the market

  • April 29, 2025
  • Review provided by G2

What do you like best about the product?
I like many features of Panther; one of the best things for me is that they are always coming out with new improvements that align with where the market is pointing. Also, they are always listening to their customers who provide feedback, and work as a team to provide a solution.
What do you dislike about the product?
Fully managing Panther in the long run can bring some operational work regarding updates and upgrades for their detections and the CI/CD pipeline. Those tasks require more time and experience from teams outside SecOps.
What problems is the product solving and how is that benefiting you?
For my role here, Panther helps me to have good visibility regarding my cloud accounts and create policies/alerts for things that I can identify as risks.


    Zhel P.

A giant in the SIEM space

  • April 29, 2025
  • Review provided by G2

What do you like best about the product?
I have been utilizing Panther extensively over the past 18 months, and it has consistently proven to be an exceptionally reliable and robust solution. Its flexibility allows users to seamlessly operate via the console or integrate directly with existing CI/CD pipelines. The user interface is notably intuitive and offers multiple sophisticated options for querying data, complemented by customizable dashboards that significantly enhance analytical capabilities.

Panther includes numerous pre-built detections that are effortlessly adaptable, making it straightforward to align them with specific environmental requirements. Additionally, authoring detections as code in Python is streamlined and efficient. The platform stands out with valuable features such as comprehensive metadata fields including MITRE ATT&CK mapping, summaries, runbooks, and tagging capabilities.

Equally impressive is Panther's outstanding customer support team, whose responsiveness and expertise ensure issues are typically resolved within just a few hours. Their proactive engagement and consistent receptiveness to feedback, reflected clearly in periodic review meetings, continually demonstrate their commitment to customer success.

Overall, my experience with Panther has been exceptional, and I strongly recommend it to organizations seeking a versatile, powerful, and user-friendly security solution.
What do you dislike about the product?
There is nothing that I dislike about the product.
What problems is the product solving and how is that benefiting you?
We are currently ingesting logs from all corporate and cloud infrastructure into this solution, enabling comprehensive visibility and centralized management of our log data. The implementation process is straightforward and intuitive, requiring minimal effort, and the ongoing management of the platform has proven to be exceptionally simple and efficient.

This solution has become our primary tool for detection engineering and forensic log analysis, thanks to its powerful querying capabilities, versatile functionality, and reliability. It seamlessly supports our operational workflows and significantly enhances our capability to quickly detect and respond to security incidents, ultimately strengthening our organization's overall security posture.


    Aaron T.

Amazing SIEM for this AND the next generation of defenders!

  • April 28, 2025
  • Review provided by G2

What do you like best about the product?
Detection-as-code is the next frontier! This platform gives you everything you could want from your old SIEM platform and amplifies it to 11! The support behind the product is as amazing as the product itself, which is a rare trait these days.
What do you dislike about the product?
Not really a downside but more of an FYI: To make the most of the platform, you want to understand and manage it via CI/CD practices and tooling. Pretty much everything can be done through the UI, but if you really want to get into the weeds and maintain tight control over detections and alerting, you'll want to have some familiarity with proper CI/CD practices.
What problems is the product solving and how is that benefiting you?
From having built-in packs and schemas for all of our current use cases to supporting our most needed alerting destinations, Panther covers pretty much all of our current needs. The unified search and simple query language for more advanced searches should satisfy all analysts, young to old, green to experienced!
Detection-as-code provides us with a huge amount of flexibility for how we would like to create, manage, and deprecate our detection mechanisms.


    RichardThomas

Detection capabilities and helpful support team enhance log analysis and integration flexibility

  • March 04, 2025
  • Review provided by PeerSpot

What is our primary use case?

We use Panther for our SIEM solution. It is used for aggregating logs and analyzing user activities. We can filter down to individual roles inside of AWS through all the accounts and user activities.

What is most valuable?

I find Panther's detection capabilities and integrations to be highly valuable. It allows integration with anything as long as I am willing to write detections, and their team is very helpful. I find its log analysis capabilities valuable. It enables me to filter down to individual roles in AWS, and if I am skilled at SQL queries, I can query anything. The infrastructure as code feature allows me to use Git repositories to manage detections and import detections from other Git repositories.

What needs improvement?

The solution could be improved by providing more built-in integrations, which would reduce the need for me to build them myself.

For how long have I used the solution?

I have had experience with Panther for two years.

What was my experience with deployment of the solution?

The search is pretty good, and it builds SQL queries for me, allowing me to go through logs and click on elements to add filters, automatically building the query.

How are customer service and support?

The support team is very helpful and supportive.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Before Panther, we mainly relied on CloudWatch and did not have a dedicated SIEM solution. We are a cloud-only company, and Panther was a good fit for us.

How was the initial setup?

Setting up Panther was straightforward and easy, worthy of an eight out of ten in terms of ease.

What about the implementation team?

Our security team is quite small, consisting of fewer than five people, and we were able to deploy Panther. The same small team can maintain the solution and build integrations.

What was our ROI?

Panther does what is expected of a SIEM solution. It is used by engineers for troubleshooting issues and defining role-based controls for visibility between teams.

What's my experience with pricing, setup cost, and licensing?

I find the pricing to be reasonable, although I can't recall the exact cost.

Which other solutions did I evaluate?

We evaluated Panther against Devo and Gurucul. Panther offered better hot storage for logs and was less expensive than Devo.

What other advice do I have?

I would recommend Panther to other companies because of its ease of use. The infrastructure as code feature allows using Git repositories for secure detections. Overall, I would rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other


    Computer Software

Excellent tool for teams using detection as code

  • July 13, 2023
  • Review provided by G2

What do you like best about the product?
Panther is incredibly responsive - it's a definite partnership. The team continues to develop features with input from customers about what is most needed. The ability to write detections in Python is very helpful. New feature rollouts make creating detections and doing searches more accessible to less technical employees. The ability to truly implement detection as code is really cool, but it's not a must to implement Panther. The flexibility of ingesting anything you can get to S3 introduces some up front work, but once a process is established, custom ingestions can be done quickly.
What do you dislike about the product?
Panther lacks some functionality you expect from the typical SIEM - visualizations specifically lag, but this can be addressed with other tools. There is a fairly steep learning curve if you are not experienced with Python, SQL, and YAML. However, all SIEMs have a fairly steep learning curve. If your team has some experience with development, the languages should be familiar and easy to get the hang of how Panther uses them.
What problems is the product solving and how is that benefiting you?
Centralized monitoring, detection, and response. Ingesting data via API is straightforward and can be largely templatized for efficiency. Recent additions to ingestion options (like webhooks) will continue to make ingestions more efficient. The ability to work in code is a major benefit for teams committed to a CI/CD environment.


    Financial Services

Flexible and Robust - a Modern SIEM

  • July 11, 2023
  • Review provided by G2

What do you like best about the product?
The ability for our detections to be as simple or complex as Python allows is the most significant benefit to Panther as a SIEM. While specific log sources don't necessarily need this, custom log sources (such as an organization's app logs) benefit tremendously from this added flexibility. Panther helps foster collaboration in our environment and provides a tool to which all of Engineering can contribute. The ability to embed our alert building into our existing SDLC to ensure proper custody and approvals before going into production is tremendous. As a partner, Panther is transparent and always provides constant opportunities for feedback and service improvement. The community is growing faster every day and there are always new alerts being offered for adoption by all of the community.
What do you dislike about the product?
While it doesn't impact our team, a non-technical Security team could struggle to realize all of the benefits of a SIEM like Panther vs some of the drag-and-drop competitors.
What problems is the product solving and how is that benefiting you?
Panther helps us solve our problem of centralized visibility and monitoring of our many (often custom) log sources. As a SIEM Panther excels at providing robust and custom alerting mechanisms so we can build out world-class detection and response capabilities.


    Hospital & Health Care

A great and convenient SIEM product to transition to

  • May 16, 2023
  • Review provided by G2

What do you like best about the product?
Overall a very positive experience. It was very easy to deploy and the how-to's and guides throughout were really helpful to help guide and integrate through the new security system.
What do you dislike about the product?
I feel that there's too much coding needed if you want to fine-tune inclusion and exclusion criteria. These can use more automation and promote more user-friendliness.
What problems is the product solving and how is that benefiting you?
Panther integrates with various threat intelligence sources, providing up-to-date information on known threats and vulnerabilities. This integration enables the system to correlate real-time events with threat intelligence data, enhancing the accuracy of threat detection and response. The seamless integration with external sources ensures that organizations stay one step ahead of emerging threats.


    Timothy K.

Panther.io -- Modern Security Analytics, Detection & Response

  • April 17, 2023
  • Review provided by G2

What do you like best about the product?
Modern, cloud-based architecture. Bring your own Snowflake. Detection as Code (Python & SQL).
What do you dislike about the product?
Response workflow creation (what to do with a detection) is lackluster and underdeveloped.
What problems is the product solving and how is that benefiting you?
Log source integration into Snowflake. Detection as code, many good detections out of the box. Security Analytics is super simple, I don't have to worry about any details on the ingest or warehouse. Snowflake storage is super cheap. Amazing post-sales and support team.


    Mimoh D.

Panther - The Best SIEM & Shadow IT!

  • April 11, 2023
  • Review provided by G2

What do you like best about the product?
Panther is a clear winner for ease of deployment and usability. Their support and customer-success team is very communicative and eager to help. No coding is necessary to integrate the data sources we needed in our tech stack. It has out-of-the-box detections which are immensely useful when you have a very small IT/Infosec Team. The notification setup and Slack integration are seamless. I also love the How-To's for integrations and notifications, which are very well written.
What do you dislike about the product?
The only improvement I wanted when I started using Panther in 2021 was to have assignment for the alerts so that I know who is working on the issue. The Customer Success & Product Team took our feedback & got this rolled out. Now I am happy & there isn't anything I dislike about Panther.
What problems is the product solving and how is that benefiting you?
We have a small team & the Panther tool seems to work as a SOC for us. It makes my team's life easier with automated out-of-the-box detections & log analysis.


    Ravi C.

Alert Destination features for our Amazon SQS and SNS services are effective for health notification

  • January 21, 2023
  • Review provided by G2

What do you like best about the product?
We enable one-way alert synchronization between the Panther console and our incident management platform to generate real-time notifications & updates. Pulling MongoDB and AWS DynamoDB logs is done seamlessly through Panther APIs. To improve detection match rates, we use its Data Replay processing to get transparency about event triggers.
What do you dislike about the product?
An update to the CloudFormation deployment parameters is required in Panther's backend framework. This will help us to orchestrate our infrastructure monitoring better and reorganize our rules, queries and customer policies. All other features for custom detection, log analysis, and notification are excellent with Panther.
What problems is the product solving and how is that benefiting you?
Panther gives the privilege to write custom detections & queries for our audit logs for ingesting security events. By enabling its Data Replay, we effectively reduce the time taken to load events and create its retention policy. For real-time health notifications, we integrate Panther with our Amazon Simple Notification Service (SNS) and regulate mail alerts through Simple Queue Service (SQS) for all business-critical applications. We can also override these destination alerts with either rule-based or policy-based metadata inclusions.