Sign up to save your podcasts
Or
Share Ep107: Cloud-Scale Security Monitoring – How Panther and AI are Revolutionizing Cybersecurity
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ep107: Cloud-Scale Security Monitoring – How Panther and AI are Revolutionizing Cybersecurity
Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes.
Topics Include:
- Panther is a cloud security monitoring tool (cloud SIEM)
- Works at massive scale, more cost-effective than legacy systems
- Key differentiator: "detections as code" written in Python
- Brings software engineering best practices to security operations
- Enables unit testing and version control for security detections
- Recently adopted generative AI to improve security workflows
- SOC burnout is renowned due to tedious ticket processing
- AI has intelligence of security engineer, works much faster
- Example: Alert shows "Russ Leighton removed branch protection"
- Old way: Manual log analysis, checking user profiles manually
- Takes hours of squinting at detailed log data
- New AI way: Automatic vetting happens in minutes
- AI checks user profile in Okta or IDP
- Determines engineer status, assesses typical behavior patterns
- Provides risk assessment based on historical alert data
- Low risk for engineers, high risk for unusual users
- Example: HR person accessing production code is escalated
- Customer quote: Takes vetting "from hours to seconds"
- Panther customers get dedicated AWS accounts for security
- Company can't see customer data, only self-reported metrics
- AI provides summaries, risk assessments, timelines, visualizations
- Also suggests remediations like human security engineer would
- Initial concerns about putting AI in production environment
- Customer feedback exceeded expectations with feature requests
- AWS Bedrock integration addresses customer security concerns
- Uses Anthropic Claude as base LLM through Bedrock
- Customers can enable additional Bedrock guardrails independently
- AI transparency prevents hallucination concerns through explanations
- Claude's extended thinking mode shows reasoning process
- AI visualizes thinking with flowcharts explaining decision process
Participants:
- Russell Leighton – Chief Architect, Panther
Further Links:
- Website: Panther.com
- AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
View all episodes
By Amazon Web Services
5
1010 ratings
Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes.
Topics Include:
- Panther is a cloud security monitoring tool (cloud SIEM)
- Works at massive scale, more cost-effective than legacy systems
- Key differentiator: "detections as code" written in Python
- Brings software engineering best practices to security operations
- Enables unit testing and version control for security detections
- Recently adopted generative AI to improve security workflows
- SOC burnout is renowned due to tedious ticket processing
- AI has intelligence of security engineer, works much faster
- Example: Alert shows "Russ Leighton removed branch protection"
- Old way: Manual log analysis, checking user profiles manually
- Takes hours of squinting at detailed log data
- New AI way: Automatic vetting happens in minutes
- AI checks user profile in Okta or IDP
- Determines engineer status, assesses typical behavior patterns
- Provides risk assessment based on historical alert data
- Low risk for engineers, high risk for unusual users
- Example: HR person accessing production code is escalated
- Customer quote: Takes vetting "from hours to seconds"
- Panther customers get dedicated AWS accounts for security
- Company can't see customer data, only self-reported metrics
- AI provides summaries, risk assessments, timelines, visualizations
- Also suggests remediations like human security engineer would
- Initial concerns about putting AI in production environment
- Customer feedback exceeded expectations with feature requests
- AWS Bedrock integration addresses customer security concerns
- Uses Anthropic Claude as base LLM through Bedrock
- Customers can enable additional Bedrock guardrails independently
- AI transparency prevents hallucination concerns through explanations
- Claude's extended thinking mode shows reasoning process
- AI visualizes thinking with flowcharts explaining decision process
Participants:
- Russell Leighton – Chief Architect, Panther
Further Links:
- Website: Panther.com
- AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
More shows like AWS for Software Companies Podcast
View all
WSJ Tech News Briefing
1,646 Listeners
WSJ What’s News
4,335 Listeners
The Changelog: Software Development, Open Source
283 Listeners
a16z Podcast
1,030 Listeners
Software Engineering Daily
623 Listeners
Pivot
9,109 Listeners
AWS Podcast
202 Listeners
Founders
1,870 Listeners
Y Combinator Startup Podcast
216 Listeners
Morning Brew Daily
2,957 Listeners
The Stack Overflow Podcast
63 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,045 Listeners
Big Technology Podcast
421 Listeners
Hard Fork
5,426 Listeners
Prof G Markets
1,041 Listeners