Original post

Hey HN,

My name is Jack Naglieri. I’m the founder of Panther Labs – an SF-based cybersecurity startup. Prior to Panther, I was an engineering manager at Airbnb. Before that a security engineer/analyst/forensic analyst.

Today, I’m excited to announce Panther v1.0, an open source, cloud-native SIEM:


Teams can use Panther as an alternative to traditional SIEMs like Splunk.

Panther is the culmination of our team’s experience building security tools at scale, including StreamAlert at Airbnb and critical internal monitoring systems at Amazon.

Panther runs entirely on serverless to enable small teams to detect threats at scale. Our backend is Golang and our frontend is React/Typescript. Panther is also self-hosted and uses Python3 for flexible detections.

At a high level:

– Panther receives security logs

– Panther baseline scans cloud infra and determines security posture

– All data is saved to your data warehouse (powered by Athena/Glue/S3)

– Alerts are dispatched to your team via Slack, PagerDuty, etc

– Automatic remediations can also be applied to fix infrastructure

Panther v1.0 includes support for:

– Analyzing logs from AWS, OSS tools such as Osquery, OSSEC, Suricata, and more

– Threat hunting on all your security data with standardized fields (IPs, domains, etc)

– Real-time cloud configuration monitoring

– 150+ built-in detections

– A UI for creating, updating and tuning detections

To get started:

– Quick-start: https://docs.runpanther.io/quick-start

– Read our v1.0 announcement: https://blog.runpanther.io/panther-v1-open-source-siem/

– Register for our webinar tomorrow: https://webinars.runpanther.io/panther-101

You can also find us on Slack (https://panther-labs-oss-slackin.herokuapp.com/), Twitter (@panther__labs), and Github (github.com/panther-labs/panther).

We’re happy to answer your questions. Just drop a message here.


We also send our best wishes to those affected by COVID-19