Jack Naglieri, the founder of Panther Labs, was previously a security engineer at Airbnb and Yahoo, where he spent years on the front lines defending against security threats. There, his team struggled to cope with ever-growing volumes of security data, the complexities of securing public cloud environments, and the detection of increasingly sophisticated attacks. To centralize data and create detections, Jack’s team evaluated all the traditional SIEM (security information and event management) products but quickly realized none would meet their requirements for flexibility, scale, and cost. This led his team to create an open-source project called StreamAlert, which then became the inspiration for Panther, a product that expands on the original vision and is designed to be much easier to use.
When I first heard Panther’s origin story, it reminded me of a similar story I heard more than a decade ago while working as an early product manager at Splunk. Back then, I frequently heard customers expressing frustration with scaling and customizing the dominant legacy SIEM products of the time (e.g. ArcSight, LogLogic). Over many years, Splunk ended up leapfrogging these legacy vendors by combining major architectural innovations (scalable indexing, schema-on-the-fly) with a fundamentally better user experience for security analysts.
“History doesn’t repeat itself but it often rhymes” — Mark Twain
After speaking with dozens of CISOs and security leaders over the last year, it’s become clear that many of the problems that companies like Airbnb, Yahoo, and AWS saw a few years ago are now impacting all companies, especially as they migrate to the cloud. We believe Panther embodies what the next generation of security engineers and cloud-first organizations need:
- An architecture that leverages the latest serverless (e.g. AWS Lambda) and storage (e.g. S3, Snowflake) technology, eliminating the need to manage large clusters and dramatically reducing cost and operational overhead
- A product that is open-source, uses an open security data lake architecture, and has a self-serve community edition so customers can get started easily but also trust that the product will be future-proof over the long term
- A design that is both developer-friendly and easy to use, leveraging well-known technologies like Python to create complex detections and SQL to perform analytics
- A cloud-first feature set that makes it easy to gather the most relevant security data from cloud environments
At Lightspeed, we love investing in founders who have really “lived” the problem they are trying to solve, like Jack. We’ve also been impressed to see how Panther is already serving some of the most innovative security teams at companies like GitLab, Scribd, and Cedar. Today, Panther announced a $15M Series A financing led by Lightspeed to help accelerate product development and go-to-market efforts. We are proud to be part of the journey.