Panther Reviews & Product Details

Detection as code is handy for version control and creating an alert lifecycle (dev/staging/prod) Panther AI Triage is a game changer! Add in Panther MCP and GitHub Co-Pilot and we are on the cusp of fully automating a lot of our work! Review collected by and hosted on G2.com.

Alert pipeline includes unnecessary checks (via yaml and the test cases) that are really perfunctory and don't actually test the logic of the rule in question. Also fits unit testing approach which aligns more with software development than security. Review collected by and hosted on G2.com.

I appreciate Panther for precisely meeting our needs and offering great value. Setting up Panther was smooth and easy, and the onboarding mentoring was super helpful. The Terraform interface is very nice for its supported features. Panther closed a critical gap by centralizing security event logs from various systems, simplifying incident investigation and correlation. PantherAI has been a significant help, taking the guesswork out of security incidents and enabling quicker issue identification. The UI is easy to use and navigate, and the alert investigation tools are intuitive. Review collected by and hosted on G2.com.

I would like to see greater Terraform support and the ability to manage rules as code outside of the Panther Analysis repository mechanism. Review collected by and hosted on G2.com.

Panther has completely imbibed the ethos of Security Data Lake in its product. This will define the future of how all SIEMs will operate. Gone are the days of imagining SIEMs as a pay per GB product where you can make some custom language rules. Security Analysis is essentially a data problem and Panther's approach to solving it is the best in the business.

From no nonsense connectors to stellar in built detections, Panther has it all. For companies with low capacity for custom in house detection engineering, it just works. For teams with dedicated detection engineering staff, all the tools to make you successful are available out of the box.

The old guard of the SIEM industry are dead and security data lake is the future, with Panther leading the pack in the new generation of security analysis providers. Review collected by and hosted on G2.com.

Only thing I want to see from Panther is for them to start offering a MSSP style solution and staffing a SOC to monitor my Panther alerts! Review collected by and hosted on G2.com.

If you have a threat hunting culture or have security in your DNA Panther is the product for you. As a Solution Architect implementing SIEM\ SOAR systems, I work with 10 different SIEM products every day. Not only is it the only platform where I write my best detections\ correlations in both the GUI and IDE - but where I also see daily, continued engagement from the D&R and InfoSec teams. Companies that buy Panther are more secure than those that do not as a result. Also their support is miles ahead of any other product on the market. Review collected by and hosted on G2.com.

I would like them to develop dashboards further and export their excellent AI analysis to alert destinations Review collected by and hosted on G2.com.

What stands out the most is how fast and flexible Panther is compared to traditional SIEMs. The detection-as-code approach has completely changed how we build and maintain rules—it’s version-controlled, testable, and easy to adapt as our environment changes. Onboarding cloud logs was surprisingly smooth, and the out-of-the-box normalization saved us a ton of setup time. The platform just feels built for modern security teams that need speed without sacrificing accuracy, and the support team has been phenomenal at helping us with all our questions. Review collected by and hosted on G2.com.

Right now, there isn’t a native way to bring in your own third-party enrichment, and incoming logs can only be enriched if a detection fires that matches its logic, which then applies the enrichment to that triggering event. That said, Panther has “Bring Your Own Enrichment” on their roadmap, and once that’s released, this small gap pretty much disappears. Review collected by and hosted on G2.com.

Panther is easy to use and easy to maintain. Between the constant UI and feature improvements (dashboards, correlation detections, log manipulation, etc.) and the support we get from our Panther team, I feel like there are little to no hurdles for implementing the use cases we come up with. Review collected by and hosted on G2.com.

The biggest downside to Panther is probably the immaturity of their dashboard feature (and in fairness, it _is_ in beta). Basic visualization and graphing is easy, but doing more complex analysis and charting still needs some love. Review collected by and hosted on G2.com.

I have been utilizing Panther extensively over the past 18 months, and it has consistently proven to be an exceptionally reliable and robust solution. Its flexibility allows users to seamlessly operate via the console or integrate directly with existing CI/CD pipelines. The user interface is notably intuitive and offers multiple sophisticated options for querying data, complemented by customizable dashboards that significantly enhance analytical capabilities.

Panther includes numerous pre-built detections that are effortlessly adaptable, making it straightforward to align them with specific environmental requirements. Additionally, authoring detections as code in Python is streamlined and efficient. The platform stands out with valuable features such as comprehensive metadata fields including MITRE ATT&CK mapping, summaries, runbooks, and tagging capabilities.

Equally impressive is Panther's outstanding customer support team, whose responsiveness and expertise ensure issues are typically resolved within just a few hours. Their proactive engagement and consistent receptiveness to feedback, reflected clearly in periodic review meetings, continually demonstrate their commitment to customer success.

Overall, my experience with Panther has been exceptional, and I strongly recommend it to organizations seeking a versatile, powerful, and user-friendly security solution. Review collected by and hosted on G2.com.

There is nothing that i dislike about the product. Review collected by and hosted on G2.com.

Detection-as-code is the next frontier! This platform gives you everything you could want from your old SIEM platform and amplifies it to 11! The support behind the product is as amazing as the product itself, which is a rare trait these days. Review collected by and hosted on G2.com.

Not really a downside but more of a fyi: To make the most of the platform, you want to understand and manage it via CI/CD practices and tooling. Pretty much everything can be done through the UI, but if you really want to get into the weeds and maintain a tight control over detections and alerting, you'll want to have some familiarity with proper CI/CD practices. Review collected by and hosted on G2.com.

There are few key areas where Panther SIEM does an amazing job. First one is the easy way to onboard any log source, it can support various data format and ways to ingest logs, it allows you to easily create parsers and for the out of the box integrations it provides many pre-build detections. Detections can be either written in python or UI low-code builder. There are also capabilities to create scheduled searches and correlation rules. As far as investigation goes there is an AI investigation functionality that is quite good. Review collected by and hosted on G2.com.

Is bit limited on external enrichment providers. Is also limited on the Alert UI as it can't be customised, neither custom statuses can be created, Review collected by and hosted on G2.com.

The log retention feature is reliable, and querying the logs is straightforward. I also find the signals provided to be quite helpful. Review collected by and hosted on G2.com.

The User Interface can be slow to load at times. Review collected by and hosted on G2.com.