SlideShare a Scribd company logo

Replacing Legacy SIEM with Panther and Snowflake

Download as PPTX, PDF
Panther Labs
Panther Labs

Learn how to leverage Panther to collect, analyze, and retain terabytes of security logs in Snowflake with low costs and real-time alerts.

Technology
1 of 12
© Panther Labs CLOUD-NATIVE SIEM
© Panther Labs CostHiring Cloud ScaleTools SECURITY TEAM’S BIGGEST CHALLENGES
© Panther Labs Incident Management Orchestrate Real-TimeMonitoring Parse Normalize Detect Data Sources (Cloud & On-Prem) Security Data Lake HuntInvestigate Visualize Alerts END-TO-END VISIBILITY
© Panther Labs Real-time Detections Cloud-Native for Extreme Scale Detections as Code Turnkey Security Data Lake PANTHER PRIMITIVES
© Panther Labs Baseline detections with CIS. Attacker tactics and techniques. Detection Packs for: CloudTrail S3 Guard Duty CloudFormation +more Cisco Umbrella Okta Box Osquery GCP +more 200+ BUILT-IN DETECTIONS
© Panther Labs MODERN SYNTAX rex field=_raw"@(?<ip_address>d+.d+.d+.d+)" | where !cidrmatch("10.2.0.0/16", ip_address) OR !cidrmatch("10.1.0.0/16", ip_address) ● Proprietary ● Rigid ● Unpredictable ● Expressive ● Flexible ● Test-driven
© Panther Labs CLOUD SAAS CLOUD-PREM FLEXIBLE DEPLOYMENT Single-tenant hosted, zero administration Self-hosted for complete privacy
© Panther Labs “Panther has proved incredibly easy for a small security team to roll out to a multi- account enterprise environment, and we’re confident we have an easily scalable and maintainable roadmap for the future.” Scribd HAPPY CUSTOMERS
© Panther Labs ● Cost-efficient long-term storage for all of your data ● Zero maintenance overhead ● A normalized data lake to power threat investigations Snowflake & Panther give you best-of-breed solutions for threat detection and response at cloud-scale. BETTER TOGETHER
© Panther Labs "LET’S TALK" Email sales@runpanther.io to schedule a 14-day free trial.
© Panther Labs ADDITIONAL RESOURCES How Panther turns Snowflake into a SIEM Read the Blog Replace your Legacy SIEM w/ Panther & Snowflake Watch the Webinar
© Panther Labs

Recommended

Hybridizing Kubernetes and HPC securely - Pavan Gupta
Hybridizing Kubernetes and HPC securely - Pavan GuptaHybridizing Kubernetes and HPC securely - Pavan Gupta
Hybridizing Kubernetes and HPC securely - Pavan GuptaPacificResearchPlatform
 
WSO2 Virtual Hackathon Big Data in the Cloud Case Study
WSO2 Virtual Hackathon Big Data in the Cloud Case StudyWSO2 Virtual Hackathon Big Data in the Cloud Case Study
WSO2 Virtual Hackathon Big Data in the Cloud Case StudyLakmal Warusawithana
 
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptx
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptxSummit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptx
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptxOpenStack Foundation
 
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor VolkovKuberton
 
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...Andrew Howard
 
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...Tools &amp; techniques, building a dev secops culture at mozilla sba live a...
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...SBA Research
 
20150924 rda federation_v1
20150924 rda federation_v120150924 rda federation_v1
20150924 rda federation_v1Tim Bell
 
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)Panther Labs
 

Recommended

Hybridizing Kubernetes and HPC securely - Pavan Gupta
Hybridizing Kubernetes and HPC securely - Pavan GuptaHybridizing Kubernetes and HPC securely - Pavan Gupta
Hybridizing Kubernetes and HPC securely - Pavan GuptaPacificResearchPlatform
 
WSO2 Virtual Hackathon Big Data in the Cloud Case Study
WSO2 Virtual Hackathon Big Data in the Cloud Case StudyWSO2 Virtual Hackathon Big Data in the Cloud Case Study
WSO2 Virtual Hackathon Big Data in the Cloud Case StudyLakmal Warusawithana
 
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptx
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptxSummit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptx
Summit 2012 Fall Rob Hirschfeld Quantum Fog v1.pptxOpenStack Foundation
 
Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor Volkov Cloud-native applications with Java and Kubernetes - Yehor Volkov
Cloud-native applications with Java and Kubernetes - Yehor VolkovKuberton
 
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...
inGeneoS: Intercontinental Genetic sequencing over trans-Pacific networks and...Andrew Howard
 
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...Tools &amp; techniques, building a dev secops culture at mozilla sba live a...
Tools &amp; techniques, building a dev secops culture at mozilla sba live a...SBA Research
 
20150924 rda federation_v1
20150924 rda federation_v120150924 rda federation_v1
20150924 rda federation_v1Tim Bell
 
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)
Panther 101: Bootstrapping Your Cloud SIEM (Webinar Deck)Panther Labs
 
Detecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsDetecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsTenchi Security
 
Detecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deckDetecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deckKartikey Pandey
 
Apache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle MeetupApache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle MeetupSaptak Sen
 
OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-kei omizo
 
JavaCro'15 - Big Data in a DIY home - Marko Švaljek
JavaCro'15 - Big Data in a DIY home - Marko ŠvaljekJavaCro'15 - Big Data in a DIY home - Marko Švaljek
JavaCro'15 - Big Data in a DIY home - Marko ŠvaljekHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
 
20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN Barcelona20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN BarcelonaTim Bell
 
Downsampling your data October 2017
Downsampling your data October 2017Downsampling your data October 2017
Downsampling your data October 2017InfluxData
 
The OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack NordicThe OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack NordicTim Bell
 
Threat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivityThreat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivitySqrrl
 
Network Monitoring with Icinga
Network Monitoring with IcingaNetwork Monitoring with Icinga
Network Monitoring with Icingalearjk
 
20170926 cern cloud v4
20170926 cern cloud v420170926 cern cloud v4
20170926 cern cloud v4Tim Bell
 
Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018Manish Pandit
 
K8s in 2hours
K8s in 2hoursK8s in 2hours
K8s in 2hoursDEV Cafe
 
Decreasing Incident Response Time
Decreasing Incident Response TimeDecreasing Incident Response Time
Decreasing Incident Response TimeBoni Bruno
 
OpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim BellOpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim BellAmrita Prasad
 
Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5Niki Acosta
 
Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014Jaume Devesa Gomez
 
CloudModule for Zabbix
CloudModule for ZabbixCloudModule for Zabbix
CloudModule for ZabbixDaisuke Ikeda
 
Automated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWSAutomated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWSTeri Radichel
 
Advances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defenseAdvances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defensePriyanka Aash
 
Common Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and ContainersCommon Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and ContainersPriyanka Aash
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 

More Related Content

What's hot

Detecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsDetecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsTenchi Security
 
Detecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deckDetecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deckKartikey Pandey
 
Apache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle MeetupApache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle MeetupSaptak Sen
 
OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-kei omizo
 
20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN Barcelona20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN BarcelonaTim Bell
 
Downsampling your data October 2017
Downsampling your data October 2017Downsampling your data October 2017
Downsampling your data October 2017InfluxData
 
The OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack NordicThe OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack NordicTim Bell
 
Threat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivityThreat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivitySqrrl
 
Network Monitoring with Icinga
Network Monitoring with IcingaNetwork Monitoring with Icinga
Network Monitoring with Icingalearjk
 
20170926 cern cloud v4
20170926 cern cloud v420170926 cern cloud v4
20170926 cern cloud v4Tim Bell
 
Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018Manish Pandit
 
K8s in 2hours
K8s in 2hoursK8s in 2hours
K8s in 2hoursDEV Cafe
 
Decreasing Incident Response Time
Decreasing Incident Response TimeDecreasing Incident Response Time
Decreasing Incident Response TimeBoni Bruno
 
OpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim BellOpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim BellAmrita Prasad
 
Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5Niki Acosta
 
Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014Jaume Devesa Gomez
 
CloudModule for Zabbix
CloudModule for ZabbixCloudModule for Zabbix
CloudModule for ZabbixDaisuke Ikeda
 

What's hot (18)

Detecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ailsDetecting AWS control plane abuse in an actionable way using Det{R}ails
Detecting AWS control plane abuse in an actionable way using Det{R}ails
 
Detecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deckDetecting s3 breaches with panther slide deck
Detecting s3 breaches with panther slide deck
 
Apache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle MeetupApache Spark with Hortonworks Data Platform - Seattle Meetup
Apache Spark with Hortonworks Data Platform - Seattle Meetup
 
OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-OpenShiftMeetup #4 20190522 - KEDA-
OpenShiftMeetup #4 20190522 - KEDA-
 
JavaCro'15 - Big Data in a DIY home - Marko Švaljek
JavaCro'15 - Big Data in a DIY home - Marko ŠvaljekJavaCro'15 - Big Data in a DIY home - Marko Švaljek
JavaCro'15 - Big Data in a DIY home - Marko Švaljek
 
20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN Barcelona20161025 OpenStack at CERN Barcelona
20161025 OpenStack at CERN Barcelona
 
Downsampling your data October 2017
Downsampling your data October 2017Downsampling your data October 2017
Downsampling your data October 2017
 
The OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack NordicThe OpenStack Cloud at CERN - OpenStack Nordic
The OpenStack Cloud at CERN - OpenStack Nordic
 
Threat Hunting for Command and Control Activity
Threat Hunting for Command and Control ActivityThreat Hunting for Command and Control Activity
Threat Hunting for Command and Control Activity
 
Network Monitoring with Icinga
Network Monitoring with IcingaNetwork Monitoring with Icinga
Network Monitoring with Icinga
 
20170926 cern cloud v4
20170926 cern cloud v420170926 cern cloud v4
20170926 cern cloud v4
 
Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018Serverless Architectures on AWS in practice - OSCON 2018
Serverless Architectures on AWS in practice - OSCON 2018
 
K8s in 2hours
K8s in 2hoursK8s in 2hours
K8s in 2hours
 
Decreasing Incident Response Time
Decreasing Incident Response TimeDecreasing Incident Response Time
Decreasing Incident Response Time
 
OpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim BellOpenStack @ CERN, by Tim Bell
OpenStack @ CERN, by Tim Bell
 
Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5Getting Started with OpenStack from Hong Kong Summit Session November 5
Getting Started with OpenStack from Hong Kong Summit Session November 5
 
Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014Bcn open stack meet up - july 2014
Bcn open stack meet up - july 2014
 
CloudModule for Zabbix
CloudModule for ZabbixCloudModule for Zabbix
CloudModule for Zabbix
 

Similar to Replacing Legacy SIEM with Panther and Snowflake

Automated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWSAutomated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWSTeri Radichel
 
Advances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defenseAdvances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defensePriyanka Aash
 
Common Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and ContainersCommon Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and ContainersPriyanka Aash
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1Lancope, Inc.
 
Advertising Fraud Detection at Scale at T-Mobile
Advertising Fraud Detection at Scale at T-MobileAdvertising Fraud Detection at Scale at T-Mobile
Advertising Fraud Detection at Scale at T-MobileDatabricks
 
Spark + Cassandra = Real Time Analytics on Operational Data
Spark + Cassandra = Real Time Analytics on Operational DataSpark + Cassandra = Real Time Analytics on Operational Data
Spark + Cassandra = Real Time Analytics on Operational DataVictor Coustenoble
 
Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017Toni de la Fuente
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...RootedCON
 
breed_python_tx_redacted
breed_python_tx_redactedbreed_python_tx_redacted
breed_python_tx_redactedRyan Breed
 
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Timothy Spann
 
Data Pipelines and Telephony Fraud Detection Using Machine Learning
Data Pipelines and Telephony Fraud Detection Using Machine Learning Data Pipelines and Telephony Fraud Detection Using Machine Learning
Data Pipelines and Telephony Fraud Detection Using Machine Learning Eugene
 
How We Learned To Love The Data Center Operating System
How We Learned To Love The Data Center Operating SystemHow We Learned To Love The Data Center Operating System
How We Learned To Love The Data Center Operating Systemsaulius_vl
 
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...DataWorks Summit/Hadoop Summit
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloudPriyanka Aash
 
Real time data pipeline with spark streaming and cassandra with mesos
Real time data pipeline with spark streaming and cassandra with mesosReal time data pipeline with spark streaming and cassandra with mesos
Real time data pipeline with spark streaming and cassandra with mesosRahul Kumar
 
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...DataStax
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformRadek Simko
 
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecurityGet Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
 

Similar to Replacing Legacy SIEM with Panther and Snowflake (20)

Automated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWSAutomated Intrusion Detection and Response on AWS
Automated Intrusion Detection and Response on AWS
 
Advances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defenseAdvances in cloud scale machine learning for cyber-defense
Advances in cloud scale machine learning for cyber-defense
 
Common Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and ContainersCommon Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
Common Infrastructure Exploits in AWS/GCP/Azure Servers and Containers
 
Data center webinar_v2_1
Data center webinar_v2_1Data center webinar_v2_1
Data center webinar_v2_1
 
Advertising Fraud Detection at Scale at T-Mobile
Advertising Fraud Detection at Scale at T-MobileAdvertising Fraud Detection at Scale at T-Mobile
Advertising Fraud Detection at Scale at T-Mobile
 
Spark + Cassandra = Real Time Analytics on Operational Data
Spark + Cassandra = Real Time Analytics on Operational DataSpark + Cassandra = Real Time Analytics on Operational Data
Spark + Cassandra = Real Time Analytics on Operational Data
 
Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017Automate or die! Rootedcon 2017
Automate or die! Rootedcon 2017
 
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
Toni de la Fuente - Automate or die! How to survive to an attack in the Cloud...
 
breed_python_tx_redacted
breed_python_tx_redactedbreed_python_tx_redacted
breed_python_tx_redacted
 
Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4Introduction to Apache NiFi 1.11.4
Introduction to Apache NiFi 1.11.4
 
SRV408 Deep Dive on AWS IoT
SRV408 Deep Dive on AWS IoTSRV408 Deep Dive on AWS IoT
SRV408 Deep Dive on AWS IoT
 
Data Pipelines and Telephony Fraud Detection Using Machine Learning
Data Pipelines and Telephony Fraud Detection Using Machine Learning Data Pipelines and Telephony Fraud Detection Using Machine Learning
Data Pipelines and Telephony Fraud Detection Using Machine Learning
 
How We Learned To Love The Data Center Operating System
How We Learned To Love The Data Center Operating SystemHow We Learned To Love The Data Center Operating System
How We Learned To Love The Data Center Operating System
 
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...
End to End Processing of 3.7 Million Telemetry Events per Second using Lambda...
 
Incident response-in-the-cloud
Incident response-in-the-cloudIncident response-in-the-cloud
Incident response-in-the-cloud
 
Real time data pipeline with spark streaming and cassandra with mesos
Real time data pipeline with spark streaming and cassandra with mesosReal time data pipeline with spark streaming and cassandra with mesos
Real time data pipeline with spark streaming and cassandra with mesos
 
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...
Realtime Data Pipeline with Spark Streaming and Cassandra with Mesos (Rahul K...
 
Cloud applications
Cloud applicationsCloud applications
Cloud applications
 
Declarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with TerraformDeclarative & workflow based infrastructure with Terraform
Declarative & workflow based infrastructure with Terraform
 
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecurityGet Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security
 

More from Panther Labs

How to Implement Snowflake Security Best Practices with Panther
How to Implement Snowflake Security Best Practices with PantherHow to Implement Snowflake Security Best Practices with Panther
How to Implement Snowflake Security Best Practices with PantherPanther Labs
 
Customer Story: Scaling Security With Detections-as-Code
Customer Story: Scaling Security With Detections-as-CodeCustomer Story: Scaling Security With Detections-as-Code
Customer Story: Scaling Security With Detections-as-CodePanther Labs
 
Taking Action on Your Security Alerts with Panther and Tines
Taking Action on Your Security Alerts with Panther and Tines Taking Action on Your Security Alerts with Panther and Tines
Taking Action on Your Security Alerts with Panther and Tines Panther Labs
 
Threat Hunting at Scale
Threat Hunting at ScaleThreat Hunting at Scale
Threat Hunting at ScalePanther Labs
 
Writing Custom Python Detection with Panther (Part 1)
Writing Custom Python Detection with Panther (Part 1)Writing Custom Python Detection with Panther (Part 1)
Writing Custom Python Detection with Panther (Part 1)Panther Labs
 
Cloud Security 101 (Webinar Deck)
Cloud Security 101 (Webinar Deck)Cloud Security 101 (Webinar Deck)
Cloud Security 101 (Webinar Deck)Panther Labs
 
Detecting S3 Breaches with Panther
Detecting S3 Breaches with PantherDetecting S3 Breaches with Panther
Detecting S3 Breaches with PantherPanther Labs
 

More from Panther Labs (7)

How to Implement Snowflake Security Best Practices with Panther
How to Implement Snowflake Security Best Practices with PantherHow to Implement Snowflake Security Best Practices with Panther
How to Implement Snowflake Security Best Practices with Panther
 
Customer Story: Scaling Security With Detections-as-Code
Customer Story: Scaling Security With Detections-as-CodeCustomer Story: Scaling Security With Detections-as-Code
Customer Story: Scaling Security With Detections-as-Code
 
Taking Action on Your Security Alerts with Panther and Tines
Taking Action on Your Security Alerts with Panther and Tines Taking Action on Your Security Alerts with Panther and Tines
Taking Action on Your Security Alerts with Panther and Tines
 
Threat Hunting at Scale
Threat Hunting at ScaleThreat Hunting at Scale
Threat Hunting at Scale
 
Writing Custom Python Detection with Panther (Part 1)
Writing Custom Python Detection with Panther (Part 1)Writing Custom Python Detection with Panther (Part 1)
Writing Custom Python Detection with Panther (Part 1)
 
Cloud Security 101 (Webinar Deck)
Cloud Security 101 (Webinar Deck)Cloud Security 101 (Webinar Deck)
Cloud Security 101 (Webinar Deck)
 
Detecting S3 Breaches with Panther
Detecting S3 Breaches with PantherDetecting S3 Breaches with Panther
Detecting S3 Breaches with Panther
 

Recently uploaded

Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Replacing Legacy SIEM with Panther and Snowflake

  • 2. © Panther Labs CostHiring Cloud ScaleTools SECURITY TEAM’S BIGGEST CHALLENGES
  • 3. © Panther Labs Incident Management Orchestrate Real-TimeMonitoring Parse Normalize Detect Data Sources (Cloud & On-Prem) Security Data Lake HuntInvestigate Visualize Alerts END-TO-END VISIBILITY
  • 4. © Panther Labs Real-time Detections Cloud-Native for Extreme Scale Detections as Code Turnkey Security Data Lake PANTHER PRIMITIVES
  • 5. © Panther Labs Baseline detections with CIS. Attacker tactics and techniques. Detection Packs for: CloudTrail S3 Guard Duty CloudFormation +more Cisco Umbrella Okta Box Osquery GCP +more 200+ BUILT-IN DETECTIONS
  • 6. © Panther Labs MODERN SYNTAX rex field=_raw"@(?<ip_address>d+.d+.d+.d+)" | where !cidrmatch("10.2.0.0/16", ip_address) OR !cidrmatch("10.1.0.0/16", ip_address) ● Proprietary ● Rigid ● Unpredictable ● Expressive ● Flexible ● Test-driven
  • 7. © Panther Labs CLOUD SAAS CLOUD-PREM FLEXIBLE DEPLOYMENT Single-tenant hosted, zero administration Self-hosted for complete privacy
  • 8. © Panther Labs “Panther has proved incredibly easy for a small security team to roll out to a multi- account enterprise environment, and we’re confident we have an easily scalable and maintainable roadmap for the future.” Scribd HAPPY CUSTOMERS
  • 9. © Panther Labs ● Cost-efficient long-term storage for all of your data ● Zero maintenance overhead ● A normalized data lake to power threat investigations Snowflake & Panther give you best-of-breed solutions for threat detection and response at cloud-scale. BETTER TOGETHER
  • 10. © Panther Labs "LET’S TALK" Email sales@runpanther.io to schedule a 14-day free trial.
  • 11. © Panther Labs ADDITIONAL RESOURCES How Panther turns Snowflake into a SIEM Read the Blog Replace your Legacy SIEM w/ Panther & Snowflake Watch the Webinar