Panther

?? Thanks to everyone who visited us at #KubeCon + #CloudNativeCon! We loved sharing the good times with you at our packed happy hour. Onwards and upwards, friends!

To all making the annual pilgrimage to Vegas for #aws #reinvent: we're hosting an intimate happy hour with our customers. Come join us, Snowflake, Panther, Vanta, and Rootly for fun convos before you go bet it all on red. What do we have in common? We're all AWS partners who's in on marketplace and co-sell. We're almost at capacity. Let us know if you can join, we'd love to host you. ?? Location: Clique Bar & Lounge, Las Vegas ?? Date/Time: Tuesday, December 3, 5:00 PM - 7:00 PM Drinks, bites, and a chance to win a prize. #REINVENT2024 #happyhour #awspartners #cloud #marketplaces #paceyourself #wearcomfortableshoes

?? Last chance to register! ?? Our webinar on #PantherFlow starts in T - 6 hours at 1 PM EST / 10 AM PST. Join us for an in-depth walkthrough on our piped query language, including major design decisions and where we are headed next. ?? What we’re most looking forward to is showing you how to use PantherFlow to investigate a threat scenario ?? an account compromise, lateral movement, data exfiltration, and privilege escalation. ? Sign up now! https://lnkd.in/g-RZiZC4 #DetectionAsCode #DetectionEngineering #SecurityEngineering

?? Last chance to register! ?? Our webinar on #PantherFlow starts in T - 6 hours at 1 PM EST / 10 AM PST. Join us for an in-depth walkthrough on our piped query language, including major design decisions and where we are headed next. ?? What we’re most looking forward to is showing you how to use PantherFlow to investigate a threat scenario ?? an account compromise, lateral movement, data exfiltration, and privilege escalation. ? Sign up now! https://lnkd.in/g-RZiZC4 #DetectionAsCode #DetectionEngineering #SecurityEngineering

Why is it helpful when investigation workflows do not require a fixed schema? ?? Well, security data is almost ubiquitously JSON, which has variable schema. And when you don’t require unstructured security data to fit into structured schemas, this opens up many possibilities. ?? For starters, raw text search across all your logs for when you just don’t know what field a value might be in. Then there’s seamless, multi-table queries that don't require special handling when the tables contain different columns. And you can even use JSON data itself as inputs for your queries. #PantherFlow does all of the above, and more! Learn about the design decisions behind our piped search language in our blog by Douglas Miller, Staff Backend Software Engineer at Panther ?? https://lnkd.in/g4PURrzB #DetectionAsCode #DetectionEngineering #SecurityEngineering

Finding related activity by a threat actor across different log types is a pain ?? when you need to conduct multiple joins to match up various fields. With #PantherFlow, this is as simple as extracting the fields you need from each log type with the “coalesce” function. ?? Live tomorrow, join us for a webinar on how to use PantherFlow to investigate a threat scenario involving an account compromise and secrets exfiltration. This video clip is just a sneak peek at the more in-depth walkthrough to come! ?? Save your spot ?? https://lnkd.in/g-RZiZC4 #DetectionAsCode #DetectionEngineering #SecurityEngineering

This clip is just a teaser of what’s to come this Thursday. ?? Join our Nov 21st webinar to explore how to use #PantherFlow to investigate a threat scenario. The creator of PantherFlow, Douglas Miller, and our Principal Threat Researcher, Ariel Ropek, will walk you through developing the queries to identify: 1?? AWS user account compromise 2?? Lateral movement to EKS 3?? Kubernetes secrets exfiltration + privilege escalation Don’t miss this one! Register now ?? https://lnkd.in/g-RZiZC4 #DetectionAsCode #DetectionEngineering #SecurityEngineering

? Panther’s piped query language, #PantherFlow, uses short, digestible statements to build up complex queries. Each statement is driven by an operator to filter, transform, or join your data—like the “where” operator! To learn more, read the blog on how to query in PantherFlow, written by the creator himself Douglas Miller ?? https://lnkd.in/gyzzp28Y Live this Thursday, we’re taking a deep dive into everything PantherFlow. Join us for a webinar on the what and why of PantherFlow, including how to use it to investigate a K8s secrets exfiltration threat scenario. Register now! ? https://lnkd.in/g-RZiZC4 #DetectionAsCode #DetectionEngineering #SecurityEngineering

?? What makes pipelined search languages approachable is the way the query is structured. Like Doug explains, a query is built up from short statements that apply filters, joins, and transformations as intuitive, sequential building blocks. And this is exactly why we built #PantherFlow, Panther’s piped query language—to give you the power of SQL, without inheriting its complexities. ?? But there’s more to that story! Learn about our major design goals in building PantherFlow in our blog by Douglas Miller, the creator of PantherFlow. Read the blog ?? https://lnkd.in/g4PURrzB #DetectionAsCode #DetectionEngineering #SecurityEngineering #KubeCon #CloudNativeCon

#PantherFlow + Visualizations! ?? Share insights with key stakeholders, find trends or outliers, and monitor KPIs. ?? Use the “visualize” operator to generate bar and line charts directly from your PantherFlow query. Customize your chart with the same expressive power you use to query your security data lake. ?? Come see PantherFlow in action! On Nov 21st, we’ll demonstrate how to use PantherFlow to investigate a threat scenario involving an account compromise, data exfiltration, and privilege escalation. Save your spot ?? https://lnkd.in/g-RZiZC4 Ready to start using PantherFlow visualizations? Contact your account team to enable it. #DetectionAsCode #DetectionEngineering #SecurityEngineering #KubeCon #CloudNativeCon