Reviews from AWS Marketplace
0 AWS reviews
External reviews

External reviews are not included in the AWS star rating for the product.
Great SIEM With Lots of Out of the Box Detections
What do you like best about the product?
One of the things I like most about Panther is its Python-based detection rules. It's easy to start with simple rule writing, but moving to writing more complex rules using Python is a breeze.
What do you dislike about the product?
As someone responsible for triaging alerts, I’ve found the UI a bit cumbersome—it’s missing some key quality-of-life features that would streamline triaging alerts. Integrating it with automation systems could unlock a lot of value to ease some of this.
What problems is the product solving and how is that benefiting you?
Panther handles log ingestion and normalization across cloud infrastructure without needing a heavy ELK stack or complex data plumbing. Panther makes it easier to focus on writing detections rather than operating a log ingestion infrastructure.
Great for Writing Detections
What do you like best about the product?
Writing detections in Python is super nice.
Being able to throw an indicator such as an IP address or username into Panther and having it search everywhere is convenient.
What do you dislike about the product?
When we make customizations to detection rules, it often causes merge conflicts when syncing from the upstream panther-analysis repo.
Custom SQL queries are often slow (on the order of 10 minutes).
What problems is the product solving and how is that benefiting you?
Having our security relevant logs in one place where we can customize alerting and easily search during manual investigations.
SaaS Security Operations
What do you like best about the product?
We've been using Panther for nearly two years, and it's been a fantastic experience. Their commercial team has been consistently fair and transparent, which made the onboarding process smooth and the long-term relationship easy to manage.
Support-wise, Panther has been exceptional — fast, knowledgeable, and genuinely helpful whenever we’ve needed them. What’s impressed us most, though, is the platform’s rapid evolution. Since we joined, Panther has rolled out a steady stream of valuable features and native integrations, showing their strong commitment to innovation and customer needs.
Panther has become a key part of our security stack, and we’re excited to see how the platform continues to grow.
What do you dislike about the product?
We work with external consultants who are more familiar with traditional SIEM platforms, so there was a brief adjustment period for them when adapting to Panther’s approach. That said, once they understood the architecture and workflows, things went smoothly. Beyond that, there's very little to dislike — Panther has consistently delivered on both functionality and support.
What problems is the product solving and how is that benefiting you?
Panther solves our core needs around log aggregation, monitoring, and detection. It provides a scalable and efficient way to manage security events across our cloud infrastructure, with flexibility that fits our engineering-driven workflows. This has helped us streamline threat detection and response while keeping costs predictable.
Panther: Easy, Capable, and Constantly Innovating
What do you like best about the product?
Panther is easy to use and easy to maintain. Between the constant UI and feature improvements (dashboards, correlation detections, log manipulation, etc.) and the support we get from our Panther team, I feel like there are little to no hurdles for implementing the use cases we come up with.
What do you dislike about the product?
The biggest downside to Panther is probably the immaturity of their dashboard feature (and in fairness, it _is_ in beta). Basic visualization and graphing is easy, but doing more complex analysis and charting still needs some love.
What problems is the product solving and how is that benefiting you?
Panther is our one-stop-shop for ingesting any of our security logs. We have a need to ensure that new logs are easily ingested and quickly turned into alerting. Panther allows us to set up new ingest endpoints in minutes, allowing integration of non-standard logs without having to architect and engineer an entire ingest pipeline. The ability to quickly infer log structure and mask sensitive data is great, and the resulting logs are easily searchable in a number of different ways (simple text searching, SQL, PantherFlow).
Panther AI + Python = Next-Level Detection Engineering
What do you like best about the product?
Panther's new AI is a massive time-saver, it instantly pulls the right fields from complex JSON logs. The AI saves me time parsing JSON and more time for responding. The Python-based alerting is a major win too. Writing detection logic feels like proper software development: it's clean, flexible, and testable. The alert testing feature is especially powerful. No more guessing if your logic will work in production. Custom lookup tables to map things like GitHub usernames to employees, or AWS accounts to Terraform workspace, which adds powerful context to our alerts. Implementation and integration was fast and straightforward, easy to add custom features. Their customer support is exceptional — they added a feature the very next day after our request. We use Panther every single day across the team to save hours vs. our old SIEM.
What do you dislike about the product?
The core platform is strong, but a few things could be smoother. Some UI elements still feel a bit early-stage. More out-of-the-box templates or integration options would really level up the experience.
What problems is the product solving and how is that benefiting you?
Panther helps us move fast without breaking things. We’re reducing false positives, accelerating investigations, and building high-quality detections with real engineering discipline. It’s replaced our legacy SIEM with something that feels purpose-built for modern cloud security teams.
Great SIEM Solution
What do you like best about the product?
Panther's user interface is very intuitive, making navigation effortless even for new users. The documentation is both comprehensive and well-written, providing clear guidance throughout. Writing detecting rules in Panther is easy, and Panther provides a robust environment to test the rules.
What do you dislike about the product?
It's a little tricky to manage the version of the detection rules. The "packs" and "helpers" lack individual version control. This can be worked around by using the CI/CD workflow, but in the Panther UI it's not straightforward.
What problems is the product solving and how is that benefiting you?
Panther is a centralized SIEM solution that provides a great platform for us to manage logs and find issues.
Powerful SIEM tool with high customization
What do you like best about the product?
Panther is easily implemented with many integrations to different services available.
What do you dislike about the product?
Can require some work to configure alerts to better the signal/noise ratio. Updates to detection packs often contain new alerts which need configuring.
What problems is the product solving and how is that benefiting you?
Panther allows us to aggregate all of our ingestion and alerting into one platform.
SIEM with best architecture
What do you like best about the product?
I personally think Panther is a well-architected SIEM that has enormous potential to grow in various aspects, such as volume increases, and a very flexible architecture for writing detection rules, especially as it has geared us with many tools to help me do detection engineering.
What do you dislike about the product?
Panther also has some latencies, each often ignored in other SIEM solutions.
I personally love how Panther shows their latencies in plain sight and makes us understand what's happening under detections. I have managed other SIEMs, but this is the first one that has transparency in detection processes.
What problems is the product solving and how is that benefiting you?
The ease of Integrations and their architecture to ingest more logs with less costs.
Top technology in the market
What do you like best about the product?
I like many features of Panther; one of the best things for me is that it is always coming with new improvements that align with where the market is pointing. Also, they are always listening to their customers who provide feedback, and they work as a team to provide a solution.
What do you dislike about the product?
Fully managing Panther in the long run can bring some operational work regarding updates and upgrades for their detections and the CI/CD pipeline. Those tasks require more time and experience from teams outside SecOps.
What problems is the product solving and how is that benefiting you?
For my role here, Panther helps me to have a good visibility regarding my cloud accounts and create policies/alerts for things that I can identify as risk.
A giant in the SIEM space
What do you like best about the product?
I have been utilizing Panther extensively over the past 18 months, and it has consistently proven to be an exceptionally reliable and robust solution. Its flexibility allows users to seamlessly operate via the console or integrate directly with existing CI/CD pipelines. The user interface is notably intuitive and offers multiple sophisticated options for querying data, complemented by customizable dashboards that significantly enhance analytical capabilities.
Panther includes numerous pre-built detections that are effortlessly adaptable, making it straightforward to align them with specific environmental requirements. Additionally, authoring detections as code in Python is streamlined and efficient. The platform stands out with valuable features such as comprehensive metadata fields including MITRE ATT&CK mapping, summaries, runbooks, and tagging capabilities.
Equally impressive is Panther's outstanding customer support team, whose responsiveness and expertise ensure issues are typically resolved within just a few hours. Their proactive engagement and consistent receptiveness to feedback, reflected clearly in periodic review meetings, continually demonstrate their commitment to customer success.
Overall, my experience with Panther has been exceptional, and I strongly recommend it to organizations seeking a versatile, powerful, and user-friendly security solution.
What do you dislike about the product?
There is nothing that I dislike about the product.
What problems is the product solving and how is that benefiting you?
We are currently ingesting logs from all corporate and cloud infrastructure into this solution, enabling comprehensive visibility and centralized management of our log data. The implementation process is straightforward and intuitive, requiring minimal effort, and the ongoing management of the platform has proven to be exceptionally simple and efficient.
This solution has become our primary tool for detection engineering and forensic log analysis, thanks to its powerful querying capabilities, versatile functionality, and reliability. It seamlessly supports our operational workflows and significantly enhances our capability to quickly detect and respond to security incidents, ultimately strengthening our organization's overall security posture.