Sign up to save your podcasts
Or
Share Ep107: Cloud-Scale Security Monitoring – How Panther and AI are Revolutionizing Cybersecurity
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ep107: Cloud-Scale Security Monitoring – How Panther and AI are Revolutionizing Cybersecurity
Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes.
Topics Include:
- Panther is a cloud security monitoring tool (cloud SIEM)
- Works at massive scale, more cost-effective than legacy systems
- Key differentiator: "detections as code" written in Python
- Brings software engineering best practices to security operations
- Enables unit testing and version control for security detections
- Recently adopted generative AI to improve security workflows
- SOC burnout is renowned due to tedious ticket processing
- AI has intelligence of security engineer, works much faster
- Example: Alert shows "Russ Leighton removed branch protection"
- Old way: Manual log analysis, checking user profiles manually
- Takes hours of squinting at detailed log data
- New AI way: Automatic vetting happens in minutes
- AI checks user profile in Okta or IDP
- Determines engineer status, assesses typical behavior patterns
- Provides risk assessment based on historical alert data
- Low risk for engineers, high risk for unusual users
- Example: HR person accessing production code is escalated
- Customer quote: Takes vetting "from hours to seconds"
- Panther customers get dedicated AWS accounts for security
- Company can't see customer data, only self-reported metrics
- AI provides summaries, risk assessments, timelines, visualizations
- Also suggests remediations like human security engineer would
- Initial concerns about putting AI in production environment
- Customer feedback exceeded expectations with feature requests
- AWS Bedrock integration addresses customer security concerns
- Uses Anthropic Claude as base LLM through Bedrock
- Customers can enable additional Bedrock guardrails independently
- AI transparency prevents hallucination concerns through explanations
- Claude's extended thinking mode shows reasoning process
- AI visualizes thinking with flowcharts explaining decision process
Participants:
- Russell Leighton – Chief Architect, Panther
Further Links:
- Website: Panther.com
- AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
View all episodes
By AWS - Amazon Web Services
5
1010 ratings
Chief Architect Russell Leighton discusses how Panther's cloud platform revolutionizes security operations by treating detections as Python code and AI enabled alert vetting turning responses from hours into minutes.
Topics Include:
- Panther is a cloud security monitoring tool (cloud SIEM)
- Works at massive scale, more cost-effective than legacy systems
- Key differentiator: "detections as code" written in Python
- Brings software engineering best practices to security operations
- Enables unit testing and version control for security detections
- Recently adopted generative AI to improve security workflows
- SOC burnout is renowned due to tedious ticket processing
- AI has intelligence of security engineer, works much faster
- Example: Alert shows "Russ Leighton removed branch protection"
- Old way: Manual log analysis, checking user profiles manually
- Takes hours of squinting at detailed log data
- New AI way: Automatic vetting happens in minutes
- AI checks user profile in Okta or IDP
- Determines engineer status, assesses typical behavior patterns
- Provides risk assessment based on historical alert data
- Low risk for engineers, high risk for unusual users
- Example: HR person accessing production code is escalated
- Customer quote: Takes vetting "from hours to seconds"
- Panther customers get dedicated AWS accounts for security
- Company can't see customer data, only self-reported metrics
- AI provides summaries, risk assessments, timelines, visualizations
- Also suggests remediations like human security engineer would
- Initial concerns about putting AI in production environment
- Customer feedback exceeded expectations with feature requests
- AWS Bedrock integration addresses customer security concerns
- Uses Anthropic Claude as base LLM through Bedrock
- Customers can enable additional Bedrock guardrails independently
- AI transparency prevents hallucination concerns through explanations
- Claude's extended thinking mode shows reasoning process
- AI visualizes thinking with flowcharts explaining decision process
Participants:
- Russell Leighton – Chief Architect, Panther
Further Links:
- Website: Panther.com
- AWS Marketplace
See how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/
More shows like AWS for Software Companies Podcast
View all
WSJ Tech News Briefing
1,640 Listeners
Security Now (Audio)
2,001 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
639 Listeners
The Strategy Skills Podcast: Strategy | Leadership | Critical Thinking | Problem-Solving
104 Listeners
AWS Podcast
205 Listeners
NVIDIA AI Podcast
340 Listeners
Practical AI
208 Listeners
Morning Brew Daily
2,994 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,790 Listeners
Cyber Security Headlines
133 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
550 Listeners
HBR On Leadership
162 Listeners