What do you like best about the product?

Detection-as-code is the next frontier! This platform gives you everything you could want from your old SIEM platform and amplifies it to 11! The support behind the product is as amazing as the product itself, which is a rare trait these days.

What do you dislike about the product?

Not really a downside but more of a fyi: To make the most of the platform, you want to understand and manage it via CI/CD practices and tooling. Pretty much everything can be done through the UI, but if you really want to get into the weeds and maintain a tight control over detections and alerting, you'll want to have some familiarity with proper CI/CD practices.

What problems is the product solving and how is that benefiting you?

From having built in packs and schemas for all of our current use cases to supporting our most needed alerting destinations, Panther covers pretty much all of our current needs. The unified search and simple query language for more advanced searches should satisfy all analyst, young to old, green to experienced!
Detection-as-code provides us with a huge amount of flexibility for how we would like to create, manage, and deprecate our detection mechanisms.