# Panther Reviews **Vendor:** Panther Labs **Category:** [Security Information and Event Management (SIEM) Software](https://www.g2.com/categories/security-information-and-event-management-siem) **Average Rating:** 4.7/5.0 **Total Reviews:** 49 ## About Panther Panther is the AI SOC Platform that scales security expertise by embedding AI agents across your security operations with native access to your data lake, detection logic, and organizational knowledge. Unlike bolt-on tools, Panther's closed-loop architecture turns every alert into compounding intelligence that makes the system smarter over time. Request a demo today at: https://panther.com/product/request-a-demo/ ## Panther Pros & Cons **What users like:** - Users highly value Panther's **responsive customer support** , which ensures timely assistance and effective problem resolution. (12 reviews) - Users commend Panther's **detection efficiency** , appreciating its rapid data processing and adaptable pre-built detections. (9 reviews) - Users find Panther's platform incredibly **easy to use** , allowing small teams to operate effectively with minimal effort. (9 reviews) - Users commend Panther for its **intuitive interface and robust features** , enhancing security operations even for small teams. (9 reviews) - Users appreciate the **easy log source integrations** of Panther, enhancing their data ingestion and analytical capabilities. (7 reviews) - Implementation Ease (7 reviews) - Integrations (7 reviews) - Users value Panther's **seamless onboarding and robust detection capabilities** , showcasing its commitment to innovation and support. (7 reviews) - Alerting System (6 reviews) - Alerting (5 reviews) **What users dislike:** - Users find the **Alert Management** limited due to basic summary absence and restricted customization options for alerts. (3 reviews) - Users find the **complex configuration** of Panther challenging, needing extensive custom setups for effective integration. (3 reviews) - Users find the **dashboard features immature** and lacking in customization, limiting their ability to perform complex analysis. (3 reviews) - Users find **limited access** a challenge, with integration and customization requiring significant effort to achieve functionality. (3 reviews) - Users note a **difficult learning curve** for Panther, especially for those unfamiliar with programming languages. (2 reviews) - Users find the **immaturity of the dashboard feature** limits their ability for complex analysis and charting. (2 reviews) - Inefficient Alert System (2 reviews) - Integration Issues (2 reviews) - Learning Curve (2 reviews) - Learning Difficulty (2 reviews) ## Panther Reviews ### 1. Panther’s SIEM + AI Makes Triage and Threat Hunting Fast and Seamless **Rating:** 5.0/5.0 stars **Reviewed by:** Richard E. | Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** June 04, 2026 **What do you like best about Panther?** Panther’s SIEM iteration into the AI security space has been a real shift in our security team’s capabilities. With AI Auto Triage, the triage process is quick, and the Panther AI integration enables automated threat hunting. Having threat intel pushed into the MCPs has also been helpful. The price-to-capability balance feels fair, and it’s the only SIEM I’ve seen so far that has pushed this heavily into SIEM + AI integration. The standard plug-and-play integrations are limited to a typical security tech stack; however, it isn’t difficult to ship logs to S3 and normalize them directly in Panther. Using a Snowflake datalake, queries are efficient and it’s one of the more seamless ways I’ve used to query log sources at scale. We also have monthly visits with the Panther team to help integrate and upgrade our instances, uncover new release items, and help us engineer the platform for success. Lastly, the UI/UX is easy to navigate. Most SIEMs are difficult to work with, with buttons doing various things across different areas. This is a SIEM through and through: if you know what you want to find or what detection you want to build, you can do it easily since the backend query structure is SQL and the detections are all detection as code. **What do you dislike about Panther?** The hardest part of working with Panther is making sure you manage your detections as code in a solid, maintainable way. It’s easy for your implementation to drift and become out of date compared with the upstream managed Panther repo. Before you start implementing rules and creating your own detections, it’s really important to think through the upstream conflicts that can come up when you customize things. If you account for that upfront while designing your detection-as-code infrastructure, you shouldn’t run into major problems. **What problems is Panther solving and how is that benefiting you?** Panther is really moving forward with its AI capabilities. The Panther AI Auto Triage feature has helped us go from triaging hundreds of alerts to focusing only on the important ones. While other companies are adding built-on features to enable AI auto-triage in combination with your SIEM, Panther has this functionality built in, and it works great. On top of that, they’re taking it a step further by working toward AI that can create new detections directly within the platform. It can also help identify areas with high false positives so we can reduce the noise our analysts deal with, including by suggesting updates to detections that cut down on unnecessary alerts. ### 2. Panther Makes Security Operations Simpler and Faster **Rating:** 5.0/5.0 stars **Reviewed by:** Busra K. | Senior Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** May 29, 2026 **What do you like best about Panther?** What I like best about Panther is how quickly it helps us move from alert to action. It’s powerful and highly automated, with strong native integrations that made setup and onboarding easy across teams. Features like enrichment and AI-assisted analysis make SOC investigations much faster and simpler, and the support team is consistently responsive whenever we need help. **What do you dislike about Panther?** At the moment, I don’t have any major dislikes. Our experience with Panther has been smooth so far, from onboarding to daily SOC operations. **What problems is Panther solving and how is that benefiting you?** Panther is helping us solve the biggest SIEM challenge: turning large volumes of security data into fast, actionable investigation workflows. It centralizes signals from multiple tools through native integrations, enriches alerts with useful context, and uses AI-assisted analysis to reduce manual triage time. The benefit for us is a faster and more efficient SOC process. Our team can investigate and respond more quickly, onboarding across teams is easier, and we spend less time on repetitive analysis and more time on real risk reduction. ### 3. Compact, Powerful SIEM with Fast-Evolving AI Analytics **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Marketing and Advertising | Enterprise (> 1000 emp.) **Reviewed Date:** May 11, 2026 **What do you like best about Panther?** Panther is a compact, powerful SIEM with AI Analytics that are currently evolving by the day. Each category is easy to browse and use, there are several integrations that can be requested, the price is very competitive with other tools on the market, and the custom rule builder is very well designed. **What do you dislike about Panther?** The tool is still in its infancy, however as it continues to grow and reaches action parity with larger, more advanced SIEMs, it will be world class **What problems is Panther solving and how is that benefiting you?** Adapting an AI ruleset builder + detection triage helper can really help small teams fill the skill gap found in a SOC. A well built AI helper inside of a SIEM like this, when additional OSINT and context is added, could get an entire operation up and running in a matter of weeks without bloating a team to cover skills. ### 4. Reliable SIEM with Strong Support and AI-Powered Efficient Operations **Rating:** 5.0/5.0 stars **Reviewed by:** Daichi H. | Corporate IT, Mid-Market (51-1000 emp.) **Reviewed Date:** January 20, 2026 **What do you like best about Panther?** The support team is responsive and provides detailed guidance when we need help. The platform is easy to implement and operate, even with a small team. Through its intuitive interface and AI capabilities, a small security team can work as effectively as larger ones. Cost predictability is a significant advantage. Panther's cost structure allows us to forecast our security budget accurately, which is important for planning. The MCP (Model Context Protocol) integration lets us build custom detection rules that combine Panther's data with our local data sources for tailored threat detection. MCP and PantherAI also help non-native English speakers quickly understand complex security information, reducing language barriers across our team. **What do you dislike about Panther?** I don't have any significant concerns or areas where I feel Panther needs improvement. **What problems is Panther solving and how is that benefiting you?** As a small team implementing our first SIEM solution, we needed a platform that we could implement and manage without requiring extensive resources. During our POC, we evaluated Panther alongside two other solutions, and Panther proved to be the most effective in both implementation and operation, solving this challenge most smoothly. The predictable cost structure was also crucial for getting approval from our leadership team, making the approval process straightforward. ### 5. Detection as Code and AI Triage Make Panther a Standout **Rating:** 4.0/5.0 stars **Reviewed by:** Mark H. | Security Operations Manager, Enterprise (> 1000 emp.) **Reviewed Date:** January 12, 2026 **What do you like best about Panther?** Detection as code is handy for version control and creating an alert lifecycle (dev/staging/prod) Panther AI Triage is a game changer! Add in Panther MCP and GitHub Co-Pilot and we are on the cusp of fully automating a lot of our work! **What do you dislike about Panther?** Alert pipeline includes unnecessary checks (via yaml and the test cases) that are really perfunctory and don't actually test the logic of the rule in question. Also fits unit testing approach which aligns more with software development than security. **What problems is Panther solving and how is that benefiting you?** Panther is solving the noisy alert/alert fatigue challenge via Panther AI Triage. We can leverage it's insights to then tune our alerts better and narrow down the behaviors we want to protect and alert against. Not to mention we can off load analysis for signals we trust are lower in severity while still allowing a human-in-the-loop to review complex and higher severity alerts. This in turn is allowing our team to scale in ways not previously imagined (essentially being able to do more with less headcount). ### 6. Awesome Detection as Code That Speeds Up Investigations **Rating:** 5.0/5.0 stars **Reviewed by:** Tejas P. | Senior Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** April 28, 2026 **What do you like best about Panther?** Detection as code is awesome. Also, the mcp allows me to work through investigations super quickly. **What do you dislike about Panther?** Not all services are supported, in line with what you'd expect from a new product. **What problems is Panther solving and how is that benefiting you?** It helps speed up D&R as a whole. And with AI getting smarter, DaaC makes a lot of sense ### 7. Purpose-Built SIEM for SecOps at Scale with a Delightful Search and Top-Tier AI SOC **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Health, Wellness and Fitness | Enterprise (> 1000 emp.) **Reviewed Date:** January 27, 2026 **What do you like best about Panther?** Built for what matters in SecOps, detection and response at scale. Panther does not waste time on useless features as everything has purpose and meaning. Their search function has 3 modes, with PantherFlow being very much like KQL and a delight to use. The DAC concepts are top notch and .. their AI SOC functions actually work, Panther AI may be one of the best on the market right now. **What do you dislike about Panther?** I’d prefer if it also supported self-hosting in Azure, in addition to AWS. That said, AWS works perfectly fine for me—it’s really just a matter of personal preference. **What problems is Panther solving and how is that benefiting you?** Complex analysis of Cyber, Fraud, and Product Security events, with AI analysis and assistance to support investigations. Detections as code helps standardize and maintain detection logic in a clear, repeatable way. ### 8. Panther AI Makes Log Analysis and Dashboard Queries Fast and Easy **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Enterprise (> 1000 emp.) **Reviewed Date:** April 29, 2026 **What do you like best about Panther?** The most useful feature is the Panther AI which helps to quickly skim through your logs, create search queries and also queries for creating the dashboard **What do you dislike about Panther?** At times, I run into UI issues with Panther AI when fetching results, and I think this part of the experience could be improved. **What problems is Panther solving and how is that benefiting you?** Visibility and monitoring all the possible areas in our organisation ### 9. Effortless SIEM with Powerful Integrations **Rating:** 5.0/5.0 stars **Reviewed by:** Billy B. **Reviewed Date:** October 09, 2025 **What do you like best about Panther?** I appreciate Panther for precisely meeting our needs and offering great value. Setting up Panther was smooth and easy, and the onboarding mentoring was super helpful. The Terraform interface is very nice for its supported features. Panther closed a critical gap by centralizing security event logs from various systems, simplifying incident investigation and correlation. PantherAI has been a significant help, taking the guesswork out of security incidents and enabling quicker issue identification. The UI is easy to use and navigate, and the alert investigation tools are intuitive. **What do you dislike about Panther?** I would like to see greater Terraform support and the ability to manage rules as code outside of the Panther Analysis repository mechanism. **What problems is Panther solving and how is that benefiting you?** Panther closes critical gaps by centralizing security logs from various systems, enabling easier incident investigation and correlation, and enhancing our ability to identify true positives. ### 10. Great Alert Context and a Clear Development Pipeline **Rating:** 5.0/5.0 stars **Reviewed by:** Alejandro V. | Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** January 21, 2026 **What do you like best about Panther?** Context for alerts, easy easy log source integration and clear development pipeline **What do you dislike about Panther?** Raw log view without a basic summary of each alert unless AI triage is run **What problems is Panther solving and how is that benefiting you?** The alert context is very useful for false positives detection, noise reduction and rule tuning ### 11. Truly the next generation of Security Logging and Monitoring **Rating:** 5.0/5.0 stars **Reviewed by:** Soumitr P. | Tech Lead Security, Mid-Market (51-1000 emp.) **Reviewed Date:** June 04, 2025 **What do you like best about Panther?** Panther has completely imbibed the ethos of Security Data Lake in its product. This will define the future of how all SIEMs will operate. Gone are the days of imagining SIEMs as a pay per GB product where you can make some custom language rules. Security Analysis is essentially a data problem and Panther's approach to solving it is the best in the business. From no nonsense connectors to stellar in built detections, Panther has it all. For companies with low capacity for custom in house detection engineering, it just works. For teams with dedicated detection engineering staff, all the tools to make you successful are available out of the box. The old guard of the SIEM industry are dead and security data lake is the future, with Panther leading the pack in the new generation of security analysis providers. **What do you dislike about Panther?** Only thing I want to see from Panther is for them to start offering a MSSP style solution and staffing a SOC to monitor my Panther alerts! **What problems is Panther solving and how is that benefiting you?** Ingesting, analysing, and alerting on security logs so I can be aware of any security events/incidents that I should be investigating/following up on. ### 12. Best SIEM on the market **Rating:** 5.0/5.0 stars **Reviewed by:** Kyle Jerome T. | Solutions Architect, Small-Business (50 or fewer emp.) **Reviewed Date:** July 29, 2025 **What do you like best about Panther?** If you have a threat hunting culture or have security in your DNA Panther is the product for you. As a Solution Architect implementing SIEM\ SOAR systems, I work with 10 different SIEM products every day. Not only is it the only platform where I write my best detections\ correlations in both the GUI and IDE - but where I also see daily, continued engagement from the D&R and InfoSec teams. Companies that buy Panther are more secure than those that do not as a result. Also their support is miles ahead of any other product on the market. **What do you dislike about Panther?** I would like them to develop dashboards further and export their excellent AI analysis to alert destinations **What problems is Panther solving and how is that benefiting you?** Detection as code ### 13. A SIEM That Works the Way Security Teams Do **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** July 28, 2025 **What do you like best about Panther?** What stands out the most is how fast and flexible Panther is compared to traditional SIEMs. The detection-as-code approach has completely changed how we build and maintain rules—it’s version-controlled, testable, and easy to adapt as our environment changes. Onboarding cloud logs was surprisingly smooth, and the out-of-the-box normalization saved us a ton of setup time. The platform just feels built for modern security teams that need speed without sacrificing accuracy, and the support team has been phenomenal at helping us with all our questions. **What do you dislike about Panther?** Right now, there isn’t a native way to bring in your own third-party enrichment, and incoming logs can only be enriched if a detection fires that matches its logic, which then applies the enrichment to that triggering event. That said, Panther has “Bring Your Own Enrichment” on their roadmap, and once that’s released, this small gap pretty much disappears. **What problems is Panther solving and how is that benefiting you?** Panther is solving the pain points of traditional SIEMs: slow searches, rigid detection formats, and expensive scaling. For us, this means faster investigations, fewer false positives, and a platform that actually grows with our environment instead of holding it back. ### 14. Panther: Easy, Capable, and Constantly Innovating **Rating:** 5.0/5.0 stars **Reviewed by:** Michael K. | Engineering Manager, Security, Mid-Market (51-1000 emp.) **Reviewed Date:** May 01, 2025 **What do you like best about Panther?** Panther is easy to use and easy to maintain. Between the constant UI and feature improvements (dashboards, correlation detections, log manipulation, etc.) and the support we get from our Panther team, I feel like there are little to no hurdles for implementing the use cases we come up with. **What do you dislike about Panther?** The biggest downside to Panther is probably the immaturity of their dashboard feature (and in fairness, it _is_ in beta). Basic visualization and graphing is easy, but doing more complex analysis and charting still needs some love. **What problems is Panther solving and how is that benefiting you?** Panther is our one-stop-shop for ingesting any of our security logs. We have a need to ensure that new logs are easily ingested and quickly turned into alerting. Panther allows us to set up new ingest endpoints in minutes, allowing integration of non-standard logs without having to architect and engineer an entire ingest pipeline. The ability to quickly infer log structure and mask sensitive data is great, and the resulting logs are easily searchable in a number of different ways (simple text searching, SQL, PantherFlow). ### 15. A giant in the SIEM space **Rating:** 5.0/5.0 stars **Reviewed by:** Zhel P. | Sr. Detection & Response Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Panther?** I have been utilizing Panther extensively over the past 18 months, and it has consistently proven to be an exceptionally reliable and robust solution. Its flexibility allows users to seamlessly operate via the console or integrate directly with existing CI/CD pipelines. The user interface is notably intuitive and offers multiple sophisticated options for querying data, complemented by customizable dashboards that significantly enhance analytical capabilities. Panther includes numerous pre-built detections that are effortlessly adaptable, making it straightforward to align them with specific environmental requirements. Additionally, authoring detections as code in Python is streamlined and efficient. The platform stands out with valuable features such as comprehensive metadata fields including MITRE ATT&CK mapping, summaries, runbooks, and tagging capabilities. Equally impressive is Panther's outstanding customer support team, whose responsiveness and expertise ensure issues are typically resolved within just a few hours. Their proactive engagement and consistent receptiveness to feedback, reflected clearly in periodic review meetings, continually demonstrate their commitment to customer success. Overall, my experience with Panther has been exceptional, and I strongly recommend it to organizations seeking a versatile, powerful, and user-friendly security solution. **What do you dislike about Panther?** There is nothing that i dislike about the product. **What problems is Panther solving and how is that benefiting you?** We are currently ingesting logs from all corporate and cloud infrastructure into this solution, enabling comprehensive visibility and centralized management of our log data. The implementation process is straightforward and intuitive, requiring minimal effort, and the ongoing management of the platform has proven to be exceptionally simple and efficient. This solution has become our primary tool for detection engineering and forensic log analysis, thanks to its powerful querying capabilities, versatile functionality, and reliability. It seamlessly supports our operational workflows and significantly enhances our capability to quickly detect and respond to security incidents, ultimately strengthening our organization's overall security posture. ### 16. Amazing SIEM for this AND the next generation of defenders! **Rating:** 5.0/5.0 stars **Reviewed by:** Aaron T. | Senior Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** April 28, 2025 **What do you like best about Panther?** Detection-as-code is the next frontier! This platform gives you everything you could want from your old SIEM platform and amplifies it to 11! The support behind the product is as amazing as the product itself, which is a rare trait these days. **What do you dislike about Panther?** Not really a downside but more of a fyi: To make the most of the platform, you want to understand and manage it via CI/CD practices and tooling. Pretty much everything can be done through the UI, but if you really want to get into the weeds and maintain a tight control over detections and alerting, you'll want to have some familiarity with proper CI/CD practices. **What problems is Panther solving and how is that benefiting you?** From having built in packs and schemas for all of our current use cases to supporting our most needed alerting destinations, Panther covers pretty much all of our current needs. The unified search and simple query language for more advanced searches should satisfy all analyst, young to old, green to experienced! Detection-as-code provides us with a huge amount of flexibility for how we would like to create, manage, and deprecate our detection mechanisms. ### 17. The best SIEM for Detection as a Code implemnetation **Rating:** 5.0/5.0 stars **Reviewed by:** Filip S. | Staff Security Engineer - Enterprise Security, Enterprise (> 1000 emp.) **Reviewed Date:** June 11, 2025 **What do you like best about Panther?** There are few key areas where Panther SIEM does an amazing job. First one is the easy way to onboard any log source, it can support various data format and ways to ingest logs, it allows you to easily create parsers and for the out of the box integrations it provides many pre-build detections. Detections can be either written in python or UI low-code builder. There are also capabilities to create scheduled searches and correlation rules. As far as investigation goes there is an AI investigation functionality that is quite good. **What do you dislike about Panther?** Is bit limited on external enrichment providers. Is also limited on the Alert UI as it can't be customised, neither custom statuses can be created, **What problems is Panther solving and how is that benefiting you?** Helping us with security monitoring coverage and threat detection and response. ### 18. Reliable Log Retention and Helpful Signals, But UI Can Be Slow **Rating:** 5.0/5.0 stars **Reviewed by:** Adam B. | Director, Security and Compliance, Mid-Market (51-1000 emp.) **Reviewed Date:** October 24, 2025 **What do you like best about Panther?** The log retention feature is reliable, and querying the logs is straightforward. I also find the signals provided to be quite helpful. **What do you dislike about Panther?** The User Interface can be slow to load at times. **What problems is Panther solving and how is that benefiting you?** Log retention, detection as code, operationalization of detection and response. ### 19. Efficient Code-Driven Alert Management **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** October 17, 2025 **What do you like best about Panther?** Code-driven alert management! Wide range of pre-built alerts. Solid support. Straightforward integration with AWS and anything that can write to AWS S3. **What do you dislike about Panther?** Full `git` integration with a consistent deployment pipeline is challenging to set up and requires a lot of custom workflow implementation and legwork to get fully working. Incomplete story around temporary access credentials and avoiding static/durable credentials. **What problems is Panther solving and how is that benefiting you?** Proactively identify risks and risky behavior, alert on suspicious behavior, perform retrospective analysis to understand causal factors for issues and perform forensics. ### 20. The most intuitive and practical SIEM, designed for modern security teams. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** July 29, 2025 **What do you like best about Panther?** Panther is flexible, intuitive and practical. I have used Panther's Console (UI) and their Panther Analysis repository for detection as code quite frequently. The Panther Console is intuitive and configuring integrations was straightforward. I also used Panther quite frequently for Detection as code. One of the ways I like using it is creating new detections that are derived from Panther's detections and adding any custom logic that's needed for my organization. What I like best: - Support for Detection as Code, i.e. version control, validation, CI/CD etc.). - Integrations with popular alert destinations, log sources, etc. - Ease of Implementation / Ease of Integration Bonus: - I found Panther's customer support to be highly responsive and helpful. They were great at assisting my team and I, whether I had a simple technical question or a complex challenge unique to my organization. - Good Documentation and examples within the documentation **What do you dislike about Panther?** Nothing that I necessarily dislike, usually anything that's missing or needed has been added as a feature. One issue came up when using the Panther analysis repository. Merge conflicts can occur when syncing from the upstream panther-analysis repository but a custom workflow can be built as a workaround for that. **What problems is Panther solving and how is that benefiting you?** Panther solves problems related to alert fatigue, slow detection times, and the complexity of managing security at cloud scale. Reduces complexity of security operations. It's benefiting me because I can use Panther's out of the box detections and further customize them with extra logic tailored to my organization. Overall it helps reduce the complexity of security operations and does not take a lot of time to onboard new log sources or configure integrations. ### 21. SaaS Security Operations **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** May 05, 2025 **What do you like best about Panther?** We've been using Panther for nearly two years, and it's been a fantastic experience. Their commercial team has been consistently fair and transparent, which made the onboarding process smooth and the long-term relationship easy to manage. Support-wise, Panther has been exceptional — fast, knowledgeable, and genuinely helpful whenever we’ve needed them. What’s impressed us most, though, is the platform’s rapid evolution. Since we joined, Panther has rolled out a steady stream of valuable features and native integrations, showing their strong commitment to innovation and customer needs. Panther has become a key part of our security stack, and we’re excited to see how the platform continues to grow. **What do you dislike about Panther?** We work with external consultants who are more familiar with traditional SIEM platforms, so there was a brief adjustment period for them when adapting to Panther’s approach. That said, once they understood the architecture and workflows, things went smoothly. Beyond that, there's very little to dislike — Panther has consistently delivered on both functionality and support. **What problems is Panther solving and how is that benefiting you?** Panther solves our core needs around log aggregation, monitoring, and detection. It provides a scalable and efficient way to manage security events across our cloud infrastructure, with flexibility that fits our engineering-driven workflows. This has helped us streamline threat detection and response while keeping costs predictable. ### 22. Panther AI + Python = Next-Level Detection Engineering **Rating:** 5.0/5.0 stars **Reviewed by:** Brooks B. | Security Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** April 30, 2025 **What do you like best about Panther?** Panther's new AI is a massive time-saver, it instantly pulls the right fields from complex JSON logs. The AI saves me time parsing JSON and more time for responding. The Python-based alerting is a major win too. Writing detection logic feels like proper software development: it's clean, flexible, and testable. The alert testing feature is especially powerful. No more guessing if your logic will work in production. Custom lookup tables to map things like GitHub usernames to employees, or AWS accounts to Terraform workspace, which adds powerful context to our alerts. Implementation and integration was fast and straightforward, easy to add custom features. Their customer support is exceptional — they added a feature the very next day after our request. We use Panther every single day across the team to save hours vs. our old SIEM. **What do you dislike about Panther?** The core platform is strong, but a few things could be smoother. Some UI elements still feel a bit early-stage./ More out-of-the-box templates or integration options would really level up the experience. **What problems is Panther solving and how is that benefiting you?** Panther helps us move fast without breaking things. We’re reducing false positives, accelerating investigations, and building high-quality detections with real engineering discipline. It’s replaced our legacy SIEM with something that feels purpose-built for modern cloud security teams. ### 23. Top technology in the market **Rating:** 4.5/5.0 stars **Reviewed by:** Vinicius F. | Senior Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Panther?** I like many features from Panther, one of the best thing for me is always coming with new improvements that align where the market is pointing out. Also, they are always listening to their customers that provides feedbacks and work as a team to provide a solution. **What do you dislike about Panther?** Fully managing Panther in the long run can bring some operational work regarding updates and upgrades for their detections and the CI/CD pipeline. Those tasks requires more time and experience from teams outside SecOps. **What problems is Panther solving and how is that benefiting you?** For my role here, Panther helps me to have a good visibility regarding my cloud accounts and create policies/alerts for things that I can identify as risk. ### 24. Great Value and Support, But Needs Better Security Dashboards and RBAC **Rating:** 5.0/5.0 stars **Reviewed by:** Mike G. | Head of Security, Compliance, and Technology, Mid-Market (51-1000 emp.) **Reviewed Date:** October 17, 2025 **What do you like best about Panther?** Ease of use and value for money. Excellent customer support and engagement team. **What do you dislike about Panther?** Lack of comprehensive, out of the box, dashboards that focus on security leadership. Additionally, a lack of internal RBAC to create silos of access based on audit log source. **What problems is Panther solving and how is that benefiting you?** Full, cross cloud audit log with scaleability and access that allows rapid triaging of alerts and issues. ### 25. SIEM with best architecture **Rating:** 4.0/5.0 stars **Reviewed by:** Finn (Seonghwan) C. | Senior Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Panther?** I personally think panther is well architectured SIEM that has a enormous potential to growth in various aspect such as volume increases and very flexible architecture for writing detecting rules, especially geared us many tools to help e do detection engieering **What do you dislike about Panther?** Panther also has some latencies, each often ignored in other SIEM solutions. I personally love how panther shows their latencies in plain sight, and make us understand whats happening under detections. I did managed other SIEMs, but these are the first one that has tranaparencies in detection processes. **What problems is Panther solving and how is that benefiting you?** The ease of Integrations and their architecture to ingest more logs with less costs. ### 26. Exceptional Customer Focus and Agile, Tailored Solutions **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Enterprise (> 1000 emp.) **Reviewed Date:** October 22, 2025 **What do you like best about Panther?** Panther works closely with customers to resolve issues efficiently and deliver agile solutions tailored to their needs. **What do you dislike about Panther?** Panther would benefit from having additional custom script–based log collectors to improve flexibility and coverage. **What problems is Panther solving and how is that benefiting you?** Panther delivers comprehensive detection coverage across varied log sources — from cloud infrastructure to application data. ### 27. Great SIEM Solution **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Panther?** Panther's user interface is very intuitive, making navigation effortless even for new users. The documentation is both comprehensive and well-written, providing clear guidance throughout. Writing detecting rules in Panther is easy, and Panther provides a robust environment to test the rules. **What do you dislike about Panther?** It's a little tricky to manage the version of the detection rules. The "packs" and "helpers" lack individual version control. This can be workaround by using the CI/CD workflow, but on Panther UI it's not straightforward. **What problems is Panther solving and how is that benefiting you?** Panther is a centralized SIEM solution that provides a great platform for us to manage logs and find issues. ### 28. Great for Writing Detections **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Marketing and Advertising | Mid-Market (51-1000 emp.) **Reviewed Date:** May 08, 2025 **What do you like best about Panther?** Writing detections in Python is super nice. Being able to throw an indicator such as an IP address or username into Panther and having it search everywhere is convenient. **What do you dislike about Panther?** When we make customizations to detection rules, it often causes merge conflicts when syncing from the upstream panther-analysis repo. Custom SQL queries are often slow (on the order of 10 minutes). **What problems is Panther solving and how is that benefiting you?** Having our security relevant logs in one place where we can customize alerting and easily search during manual investigations. ### 29. Great SIEM With Lots of Out of the Box Detections **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** May 15, 2025 **What do you like best about Panther?** One of the things I like most about Panther is it's Python based detection rules. It easy to start with simple rule writing, but moving to writing more complex rules using Python is a breeze. **What do you dislike about Panther?** As someone responsible for triaging alerts, I’ve found the UI a bit cumbersome—it’s missing some key quality-of-life features that would streamline triaging alerts. Integrating it with automation systems could unlock a lot of value to ease some of this. **What problems is Panther solving and how is that benefiting you?** Panther handles log ingestion and normalization across cloud infrastructure without needing a heavy ELK stack or complex data plumbing. Panther makes it easier to focus on writing detections rather than operating a log ingestion infrastructure. ### 30. Powerful SIEM tool with high customization **Rating:** 5.0/5.0 stars **Reviewed by:** Tyler B. | Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** April 29, 2025 **What do you like best about Panther?** Panther is easily implemented with many integrations to different services available. **What do you dislike about Panther?** Can require some work to configure alerts to better the signal/noise ratio. Updates to detection packs often contain new alerts which need configuring. **What problems is Panther solving and how is that benefiting you?** Panther allows us to aggregate all of our ingestion and alerting into one platform. ### 31. Excellent tool for teams using detection as code **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** July 13, 2023 **What do you like best about Panther?** Panther is incredibly responsive - it's a definite partnership. The team continues to develop features with input from customers about what is most needed. The ability to write detections in Python is very helpful. New feature rollouts make creating detections and doing searches more accessible to less technical employees. The ability to truly implement detection as code is really cool, but it's not a must to implement Panther. The flexibility of ingesting anything you can get to S3 introduces some up front work, but once a process is established, custom ingestions can be done quickly. **What do you dislike about Panther?** Panther lacks some functionality you expect from the typical SIEM - visualizations specifically lag, but this can be addressed with other tools. There is a fairly steep learning curve if you are not experienced with Python, SQL, and YAML. However, all SIEMs have a fairly steep learning curve. If your team has some experience with development, the languages should be familiar and easy to get the hang of how Panther uses them. **What problems is Panther solving and how is that benefiting you?** Centralized monitoring, detection, and response. Ingesting data via API is straight forward and can be largely templatized for efficiency. Recent additions to ingestion options (like webhooks) will continue to make ingestions more efficient. The ability to work in code is a major benefit for teams committed to a CI/CD environment. ### 32. Flexible and Robust - a Modern SIEM **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.) **Reviewed Date:** July 11, 2023 **What do you like best about Panther?** The ability for our detections to be as simple or complex as Python allows is the most significant benefit to Panther as a SIEM. While specific log sources don't necessarily need this, custom log sources (such as an organization's app logs) benefit tremendously from this added flexibility. Panther helps foster collaboration in our environment and provides a tool to which all of Engineering can contribute. The ability to embed our alert building into our existing SDLC to ensure proper custody and approvals before going into production is tremendous. As a partner, Panther is transparent and always provides constant opportunities for feedback and service improvement. The community is growing faster everyday and there are always new alerts being offered for adoption by all of the community. **What do you dislike about Panther?** While it doesn't impact our team, a non-technical Security team could struggle to realize all of the benefits of a SIEM like Panther vs some of the drag-and-drop competitors. **What problems is Panther solving and how is that benefiting you?** Panther helps us solve our problem of centralized visibility and monitoring of our many (often custom) log sources. As a SIEM Panther excels at providing robust and custom alerting mechanisms so we can build out world-class detection and response capabilities. ### 33. Panther - The Best SIEM & Shadow IT! **Rating:** 5.0/5.0 stars **Reviewed by:** Mimoh D. | Head of IT, Mid-Market (51-1000 emp.) **Reviewed Date:** April 11, 2023 **What do you like best about Panther?** Panther is a clear winner for ease of deployment and usability. Their support and customer-success team is very communicative and eager to help. No coding is necessary to integrate the data sources we needed in our tech stack.It has out-of-the-box detections which are immensely useful when you have a very small IT/Infosec Team. The notification setup and Slack integration are seamless. I also love the How-To's for integrations and notifications , which are very well-written **What do you dislike about Panther?** The only improvement I wanted when I started using panther in 2021 was to have assignment for the alerts so that I know who is working on the issue. The Customer Success & Product Team took our feedback & got this rolled out. Now I am happy & there isnt anything I dislike about Panther **What problems is Panther solving and how is that benefiting you?** We have a small team & Panther Tool seems to work as a SOC for us. It makes my team's life easier by automated out of the box detections & log analysis ### 34. Alert Destination features for our Amazon SQS and SNS services are effective for health notification **Rating:** 4.5/5.0 stars **Reviewed by:** Ravi C. | Cloud Engineer, Information Technology and Services, Enterprise (> 1000 emp.) **Reviewed Date:** January 21, 2023 **What do you like best about Panther?** We enable one-way alert synchronization between the Panther console and our incident management platform to generate real-time notifications & updates. Pulling MongoDB and AWS DynamoDB logs is done seamlessly through Panther APIs. To improve detection match rates, we use its Data Replay processing to get transparency about event triggers. **What do you dislike about Panther?** Updation in CloudFormation deployment parameters is required in Panther's backend framework. This will help us to orchestrate our infrastructure monitoring better and reorganize our rules, queries and customer policies. All other features for custom detection, log analysis, and notification is excellent with Panther. **What problems is Panther solving and how is that benefiting you?** Panther gives the privilege to write custom detections & queries for our audit logs for ingesting security events. By enabling its Data Replay, we effectively reduce the time taken to load events and create its retention policy. For real-time health notifications, we integrate Panther with our Amazon Simple Notification Service (SNS) and regulate mail alerts through Simple Queue Service (SQS) for all business-critical applications. We can also override these destination alerts with either rule-based or policy-based metadata inclusions. ### 35. Panther.io -- Modern Security Analytics, Detection & Response **Rating:** 5.0/5.0 stars **Reviewed by:** Timothy K. | Director, Software Engineering & DevSecOps, Mid-Market (51-1000 emp.) **Reviewed Date:** April 17, 2023 **What do you like best about Panther?** Modern, cloud-based architecture. Bring your own Snowflake. Detection as Code (Python & SQL). **What do you dislike about Panther?** Response workflow creation (what to do with a detection) is lackluster and underdeveloped. **What problems is Panther solving and how is that benefiting you?** Log source integration into Snowflake. Detection as code, many good detections out of the box. Security Analytics is super simple, I don't have to worry about any details on the ingest or warehouse. Snowflake storage is super cheap. Amazing post-sales and support team. ### 36. A great and convenient SIEM product to transition to **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Hospital & Health Care | Small-Business (50 or fewer emp.) **Reviewed Date:** May 16, 2023 **What do you like best about Panther?** Overall a very positive experience. It was very easy to deploy and the how-to's and guides throughout were really helpful to help guide and integrate through the new security system. **What do you dislike about Panther?** I feel that there's too much coding needed if you want to fine tuning inclusion and exclusion criteria. These can use more automation and promote more user-friendliness. **What problems is Panther solving and how is that benefiting you?** Panther integrates with various threat intelligence sources, providing up-to-date information on known threats and vulnerabilities. This integration enables the system to correlate real-time events with threat intelligence data, enhancing the accuracy of threat detection and response. The seamless integration with external sources ensures that organizations stay one step ahead of emerging threats. ### 37. "Panther is an easy-to-use, scalable SIEM." **Rating:** 4.0/5.0 stars **Reviewed by:** Eva Sharmin T. | Software Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** October 25, 2022 **What do you like best about Panther?** Panther handles high-volume cloud security log streaming. We tested its capacity to process data from various cloud services and found that it worked fine with AWS, OKTA, and G Suite. The product's out-of-the-box alerts and detections were helpful. Panther is built on Snowflake, which helped us quickly make a backend data warehouse. Panther is a scalable SIEM, enabling us to write detection definitions as code and then automatically push those definitions to our Panther deployment. It is a powerful detections-as-code feature that can make a private copy of this repository to manage custom detections. The back end scales as needed, so we no longer manage servers, load balancers, and other infrastructure for our old SIEM. **What do you dislike about Panther?** The number of customers is still pretty small, and we'd like to have a bigger group of customers with whom we could share ideas. Since detection as code is new, we'd love an online community or user group to exchange rulesets and discuss best practices. Panther has few native integrations, and ingesting data from some sources can be difficult. It also needs more integrations, finer exclusions and allowlists, and resolution/status options in case management. **What problems is Panther solving and how is that benefiting you?** Panther has been a fantastic partner, and their product is truly next-gen. It helped us design a robust detection and incident response program using test-driven development and detection-as-code. We can create powerful detection rules that call REST services, integrate external libraries, and manipulate alerts fluidly. Positive experience overall about Panther's team is responsive, mission-driven, and workable. After watching a Snowflake webinar, we saw a demo, did a POC, and bought it. The product's cloud-first approach has many benefits, which was one of our drivers. ### 38. They are great to work with and get the job done **Rating:** 5.0/5.0 stars **Reviewed by:** Alyshia H. | Advisory Board Member, Small-Business (50 or fewer emp.) **Reviewed Date:** October 25, 2022 **What do you like best about Panther?** They made the language and the coding simple. They also took our challenges of traditional SIEM away. **What do you dislike about Panther?** It was a bit tough to use but that was to be expected. **What problems is Panther solving and how is that benefiting you?** They have helped us a great deal, mainly with speed, and real-time alereting and detection. ### 39. Overall a great SIEM **Rating:** 4.0/5.0 stars **Reviewed by:** John P. | sales, Mid-Market (51-1000 emp.) **Reviewed Date:** October 27, 2022 **What do you like best about Panther?** Having the scalability and flexibility to create an overall positive user experience **What do you dislike about Panther?** The UI is not optimal for my workflow. Having to switch between tabs can be cumbersome **What problems is Panther solving and how is that benefiting you?** Having a secure solution in the SIEM space is rare ### 40. Tech Savvy and User Friendly Design **Rating:** 5.0/5.0 stars **Reviewed by:** Vikas M S. | Service Project Manager, Enterprise (> 1000 emp.) **Reviewed Date:** October 25, 2022 **What do you like best about Panther?** Log monitoring with Panther is like childs play. I havnt seen any other log monitoring tool with such an ease of use. **What do you dislike about Panther?** Nothing so far that i have encountered with this tool **What problems is Panther solving and how is that benefiting you?** Service logs, Cloud App Monitoring, logs monitoring ### 41. Sweet spot between ease of use and technical capabilities. **Rating:** 5.0/5.0 stars **Reviewed by:** Chris P. | VP of Engineering, Mid-Market (51-1000 emp.) **Reviewed Date:** July 14, 2021 **What do you like best about Panther?** The team at Panther are some of the best people I have had the pleasure of interacting with. They have created a great product that mixes technical capability with ease of use. I have used other log monitoring tools that require you to learn complex, proprietary languages, are too difficult to make any use out of them, or are just too simplistic to do anything outside of the box. We were able to get set up and running with Pather quickly, taking advantage of their built-in rules, and their method for creating custom rules will take us into the future. And finally, their support is excellent and someone is always available to answer questions or help out in any way that is needed. **What do you dislike about Panther?** There honestly hasn't been anything I have come across that I dislike. **What problems is Panther solving and how is that benefiting you?** We use Panther to monitor our Cloud applications for security issues that might arise. Panther can monitor logs from many of our applications, including logs from custom services we have created. ### 42. The next iteration of a modern SIEM! Detection-as-code done right! **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** July 24, 2021 **What do you like best about Panther?** Speed to value. For the past several years, I've been a huge advocate of getting detection engineering to model modern software engineering with version control, test cases and leveraging community contributions. It's normally been things we have had to implement ourselves. With many legacy solutions, it can take months to get something working. We were able to get a fully functioning SIEM with corporate logs, cloud logs and detections turned on within days. The built in primitives that let you test your detections as you develop them was 🤯. Very well thought out and out of the box has things I used to have to spend weeks building with prior solutions. **What do you dislike about Panther?** The product doesn't have decades of development and there are a few features that legacy solutions have built in like dashboarding built in but it can integrate with purpose built tools like tableau, mode, and even python notebooks. **Recommendations to others considering Panther:** The power of the scripting detection language, test driven development and detection as code will save you a ton of headaches doing it early. Panther does this out of the box. **What problems is Panther solving and how is that benefiting you?** A cloud scalable SIEM that's cost effective with a rich detections language. Yes, Panther does a good job doing that. ### 43. A modern SIEM for the ever growing log and event sources that leverages detections as code **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** July 02, 2021 **What do you like best about Panther?** Panther's approach to detections as code allows our team to implement the same SDLC processes to our detections as the rest of our tooling and in the same language, Python. We build flexible and resilient detections that are thoroughly tested and produce less noisy alerts. Deployments follow our change control processes reducing deployments times and ensuring all detections are peer-reviewed. The Panther team is responsive to requests for assistance, product improvements, and releases new features on a rapid basis. **What do you dislike about Panther?** There isn't anything we currently dislike about the product. Forethought must be put into the management of detection rules and the process for merging upstream changes to prevent it from becoming time consuming or difficult. **Recommendations to others considering Panther:** Review the set of natively supported systems and your ability to implement log shippers for anything not on the list. **What problems is Panther solving and how is that benefiting you?** We are building fully auditable security detection and monitoring processes, reducing time to detect security events, and improving efficiency in investigations. The ability to make detections as code, use pipelines for testing and continuous deployment. A side effect of the detection as code philosophy is that it is easier to onboard security engineers with less traditional backgrounds, especially software engineering backgrounds. ### 44. Great for cloud logging, especially AWS **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Management Consulting | Mid-Market (51-1000 emp.) **Reviewed Date:** July 10, 2021 **What do you like best about Panther?** Panther was a refreshing change for our team. We got out of spending time managing servers and infrastructure. We also avoided a lot of costs by moving away from an expensive Splunk license. Our favorite capabilities were: 1. streaming of cloud logs into Snowflake 2. Built on snowflake, so was super fast and reliable. 3 serverless - so easy! 4. easy detections as code in realtime using python. **What do you dislike about Panther?** Product was great at speed and power, but lacked in some usability. This was only an issue during onboarding. Their team supported us and walked us through some of the less intuitive areas, now we love it. **What problems is Panther solving and how is that benefiting you?** Lower costs for licenses and infrastructure, much faster performance on queries, now have real-time alerting and detection. Lightening fast streaming of all of our cloud logs. ### 45. Panther is a world-class solution to complex information security problems **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** July 02, 2021 **What do you like best about Panther?** Onboarding is incredibly simple, detections as code allow for nearly infinite power and possibility, and being able to query all my disparate data from a single location. Panther is simple and intuitive to use yet still incredibly powerful and flexible. **What do you dislike about Panther?** I've had a few, but they've mostly been addressed via continued feature improvement. Nothing immediately comes to mind based on my current use cases. **What problems is Panther solving and how is that benefiting you?** Problems: Managing large volumes of log data across a variety of platforms and enormous cloud sprawl. Threat hunting and detection Cloud security misconfiguration detection and remediation Benefits: Force amplification for a small team Data visibility Flexible response mechanisms ### 46. A non-traditional SIEM that boosts detection as code **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** June 30, 2021 **What do you like best about Panther?** The possibility to write detections as code with Python **What do you dislike about Panther?** We have not found anything that we dislike, that is why we have onboarded them as a vendor **Recommendations to others considering Panther:** Love the product, it just works and the team behind is always willing to listen and adapt the new features to meet our requirements. **What problems is Panther solving and how is that benefiting you?** Building detections as code reliably and in a timely fashion and having a detection pipeline to continuously test and deploy them. ### 47. Great team & modern vision **Rating:** 5.0/5.0 stars **Reviewed by:** Aaron Z. | CISO, Mid-Market (51-1000 emp.) **Reviewed Date:** July 20, 2021 **What do you like best about Panther?** Alignment of eng and alert mgt practices **What do you dislike about Panther?** Limited pre-existing ecosystem (vendors, alert packs) **What problems is Panther solving and how is that benefiting you?** ProdSec & CorpSec monitoring; pervasive data in prod AWS ### 48. Next gen open alert SIEM **Rating:** 2.5/5.0 stars **Reviewed by:** Akash M. | Volunteer, Small-Business (50 or fewer emp.) **Reviewed Date:** August 04, 2021 **What do you like best about Panther?** The integration and API mostly the alerting system **What do you dislike about Panther?** Poor response time from developers and no vendor support **What problems is Panther solving and how is that benefiting you?** Traditional SIEM alerting is costing for integrate with group aleart system but the benefits is using panther it's free ### 49. Good **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** July 19, 2021 **What do you like best about Panther?** Panther team and their support always help **What do you dislike about Panther?** Sill not easy to search for an IoC with the license that we currently have **What problems is Panther solving and how is that benefiting you?** Log analysis ## Panther Discussions - [What is Panther used for?](https://www.g2.com/discussions/what-is-panther-used-for) - 1 comment - [View Panther pricing details and edition comparison](https://www.g2.com/products/panther/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-12+10%3A56%3A10+-0500&secure%5Bsession_id%5D=97bc35fb-a388-490f-8e6a-686448dd9892&secure%5Btoken%5D=790e338b1482b18a22700a5ad8af7b776f533ad902b0a0d767ddd701ac0b934a&format=llm_user) ## Panther Integrations - [AWS CloudFormation](https://www.g2.com/products/aws-aws-cloudformation/reviews) - [Cloudflare One (SASE)](https://www.g2.com/products/cloudflare-one-sase/reviews) - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) - [Google Cloud Storage](https://www.g2.com/products/google-cloud-storage/reviews) - [Google Kubernetes Engine (GKE)](https://www.g2.com/products/google-kubernetes-engine-gke/reviews) - [Google Workspace](https://www.g2.com/products/google-workspace/reviews) - [Jira](https://www.g2.com/products/jira/reviews) - [Okta](https://www.g2.com/products/okta/reviews) - [Orca Security](https://www.g2.com/products/orca-security/reviews) - [Recorded Future](https://www.g2.com/products/recorded-future/reviews) - [ServiceNow IT Service Management](https://www.g2.com/products/servicenow-it-service-management/reviews) - [Slack](https://www.g2.com/products/slack/reviews) - [Tines](https://www.g2.com/products/tines/reviews) - [Torq AI SOC Platform](https://www.g2.com/products/torq-ai-soc-platform/reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) ## Panther Features **Activity Monitoring** - Usage Monitoring - Database Monitoring - API Monitoring - Activity Monitoring **Data Preparation** - Data Sources - Indexing - Automated Tagging - Data Blending **Threat Detection & Triage - AI SOC Agents** - Anomaly Detection & Correlation - False‑Positive Suppression - AI‑Driven Alert Triage **Cloud Visibility** - Data Discovery - Cloud Registry - Cloud Gap Analytics **Network Management** - Activity Monitoring - Asset Management - Log Management **Security** - Compliance Monitoring - Risk Analysis - Reporting **Analysis** - Track Trends - Detect Anomalies - Metric and Event Data - Search - Alerts - Live Tail **Investigation & Enrichment - AI SOC Agents** - Autonomous Case Investigation - Contextual Enrichment from Multiple Sources - Attack Path Mapping **Security** - Data Security - Security Auditing **Incident Management** - Event Management - Automated Response - Incident Reporting **Administration** - Security Automation - Security Integration - Multicloud Visibility **Visualization** - Dashboards - Data Discovery **Response & Remediation - AI SOC Agents** - Mean Time Reduction Metrics - Playbook‑Free Dynamic Workflows - Automated Response Execution **Identity** - SSO - Governance - User Analytics **Security Intelligence** - Threat Intelligence - Vulnerability Assessment - Advanced Analytics - Data Examination **Agentic AI - Security Information and Event Management (SIEM)** - Autonomous Task Execution - Multi-step Planning - Proactive Assistance - Decision Making **Agentic AI - Cloud Security Monitoring and Analytics** - Autonomous Task Execution - Proactive Assistance - Decision Making **Agentic AI - Log Analysis** - Autonomous Task Execution - Multi-step Planning - Cross-system Integration - Adaptive Learning - Natural Language Interaction - Proactive Assistance - Decision Making **InfoSec Experience & Governance - AI SOC Agents** - Conversational Analyst Interface - Manual Feedback Learning Loop - Explainability & Audit Trail ## Top Panther Alternatives - [Datadog](https://www.g2.com/products/datadog/reviews) - 4.4/5.0 (708 reviews) - [Sumo Logic](https://www.g2.com/products/sumo-logic/reviews) - 4.3/5.0 (389 reviews) - [Splunk Enterprise](https://www.g2.com/products/splunk-enterprise/reviews) - 4.3/5.0 (414 reviews)