What do you like best about the product?

The ability for our detections to be as simple or complex as Python allows is the most significant benefit to Panther as a SIEM. While specific log sources don't necessarily need this, custom log sources (such as an organization's app logs) benefit tremendously from this added flexibility. Panther helps foster collaboration in our environment and provides a tool to which all of Engineering can contribute. The ability to embed our alert building into our existing SDLC to ensure proper custody and approvals before going into production is tremendous. As a partner, Panther is transparent and always provides constant opportunities for feedback and service improvement. The community is growing faster everyday and there are always new alerts being offered for adoption by all of the community.

What do you dislike about the product?

While it doesn't impact our team, a non-technical Security team could struggle to realize all of the benefits of a SIEM like Panther vs some of the drag-and-drop competitors.

What problems is the product solving and how is that benefiting you?

Panther helps us solve our problem of centralized visibility and monitoring of our many (often custom) log sources. As a SIEM Panther excels at providing robust and custom alerting mechanisms so we can build out world-class detection and response capabilities.