Panther Reviews & Product Details

The support team is responsive and provides detailed guidance when we need help.

The platform is easy to implement and operate, even with a small team. Through its intuitive interface and AI capabilities, a small security team can work as effectively as larger ones.

Cost predictability is a significant advantage. Panther's cost structure allows us to forecast our security budget accurately, which is important for planning.

The MCP (Model Context Protocol) integration lets us build custom detection rules that combine Panther's data with our local data sources for tailored threat detection. MCP and PantherAI also help non-native English speakers quickly understand complex security information, reducing language barriers across our team. Review collected by and hosted on G2.com.

I don't have any significant concerns or areas where I feel Panther needs improvement. Review collected by and hosted on G2.com.

Detection as code is handy for version control and creating an alert lifecycle (dev/staging/prod) Panther AI Triage is a game changer! Add in Panther MCP and GitHub Co-Pilot and we are on the cusp of fully automating a lot of our work! Review collected by and hosted on G2.com.

Alert pipeline includes unnecessary checks (via yaml and the test cases) that are really perfunctory and don't actually test the logic of the rule in question. Also fits unit testing approach which aligns more with software development than security. Review collected by and hosted on G2.com.

Built for what matters in SecOps, detection and response at scale. Panther does not waste time on useless features as everything has purpose and meaning. Their search function has 3 modes, with PantherFlow being very much like KQL and a delight to use. The DAC concepts are top notch and .. their AI SOC functions actually work, Panther AI may be one of the best on the market right now. Review collected by and hosted on G2.com.

I’d prefer if it also supported self-hosting in Azure, in addition to AWS. That said, AWS works perfectly fine for me—it’s really just a matter of personal preference. Review collected by and hosted on G2.com.

I appreciate Panther for precisely meeting our needs and offering great value. Setting up Panther was smooth and easy, and the onboarding mentoring was super helpful. The Terraform interface is very nice for its supported features. Panther closed a critical gap by centralizing security event logs from various systems, simplifying incident investigation and correlation. PantherAI has been a significant help, taking the guesswork out of security incidents and enabling quicker issue identification. The UI is easy to use and navigate, and the alert investigation tools are intuitive. Review collected by and hosted on G2.com.

I would like to see greater Terraform support and the ability to manage rules as code outside of the Panther Analysis repository mechanism. Review collected by and hosted on G2.com.

Context for alerts, easy easy log source integration and clear development pipeline Review collected by and hosted on G2.com.

Raw log view without a basic summary of each alert unless AI triage is run Review collected by and hosted on G2.com.

Panther has completely imbibed the ethos of Security Data Lake in its product. This will define the future of how all SIEMs will operate. Gone are the days of imagining SIEMs as a pay per GB product where you can make some custom language rules. Security Analysis is essentially a data problem and Panther's approach to solving it is the best in the business.

From no nonsense connectors to stellar in built detections, Panther has it all. For companies with low capacity for custom in house detection engineering, it just works. For teams with dedicated detection engineering staff, all the tools to make you successful are available out of the box.

The old guard of the SIEM industry are dead and security data lake is the future, with Panther leading the pack in the new generation of security analysis providers. Review collected by and hosted on G2.com.

Only thing I want to see from Panther is for them to start offering a MSSP style solution and staffing a SOC to monitor my Panther alerts! Review collected by and hosted on G2.com.

If you have a threat hunting culture or have security in your DNA Panther is the product for you. As a Solution Architect implementing SIEM\ SOAR systems, I work with 10 different SIEM products every day. Not only is it the only platform where I write my best detections\ correlations in both the GUI and IDE - but where I also see daily, continued engagement from the D&R and InfoSec teams. Companies that buy Panther are more secure than those that do not as a result. Also their support is miles ahead of any other product on the market. Review collected by and hosted on G2.com.

I would like them to develop dashboards further and export their excellent AI analysis to alert destinations Review collected by and hosted on G2.com.

What stands out the most is how fast and flexible Panther is compared to traditional SIEMs. The detection-as-code approach has completely changed how we build and maintain rules—it’s version-controlled, testable, and easy to adapt as our environment changes. Onboarding cloud logs was surprisingly smooth, and the out-of-the-box normalization saved us a ton of setup time. The platform just feels built for modern security teams that need speed without sacrificing accuracy, and the support team has been phenomenal at helping us with all our questions. Review collected by and hosted on G2.com.

Right now, there isn’t a native way to bring in your own third-party enrichment, and incoming logs can only be enriched if a detection fires that matches its logic, which then applies the enrichment to that triggering event. That said, Panther has “Bring Your Own Enrichment” on their roadmap, and once that’s released, this small gap pretty much disappears. Review collected by and hosted on G2.com.

Panther is easy to use and easy to maintain. Between the constant UI and feature improvements (dashboards, correlation detections, log manipulation, etc.) and the support we get from our Panther team, I feel like there are little to no hurdles for implementing the use cases we come up with. Review collected by and hosted on G2.com.

The biggest downside to Panther is probably the immaturity of their dashboard feature (and in fairness, it _is_ in beta). Basic visualization and graphing is easy, but doing more complex analysis and charting still needs some love. Review collected by and hosted on G2.com.

I have been utilizing Panther extensively over the past 18 months, and it has consistently proven to be an exceptionally reliable and robust solution. Its flexibility allows users to seamlessly operate via the console or integrate directly with existing CI/CD pipelines. The user interface is notably intuitive and offers multiple sophisticated options for querying data, complemented by customizable dashboards that significantly enhance analytical capabilities.

Panther includes numerous pre-built detections that are effortlessly adaptable, making it straightforward to align them with specific environmental requirements. Additionally, authoring detections as code in Python is streamlined and efficient. The platform stands out with valuable features such as comprehensive metadata fields including MITRE ATT&CK mapping, summaries, runbooks, and tagging capabilities.

Equally impressive is Panther's outstanding customer support team, whose responsiveness and expertise ensure issues are typically resolved within just a few hours. Their proactive engagement and consistent receptiveness to feedback, reflected clearly in periodic review meetings, continually demonstrate their commitment to customer success.

Overall, my experience with Panther has been exceptional, and I strongly recommend it to organizations seeking a versatile, powerful, and user-friendly security solution. Review collected by and hosted on G2.com.

There is nothing that i dislike about the product. Review collected by and hosted on G2.com.