Panther

Cloud-native SIEM built on Snowflake — detection-as-code with Python rules and pipeline-grade scale.

Enterprise

Pricing Tier

Medium

Learning Curve

1–3 months for rollout

Implementation

medium, large, enterprise

Best For

Visit website ↗🔖 Save to Stack Ask AI about Panther

✓ Use when

Cloud-native security teams that want SIEM functionality without Splunk pricing and who treat detections as software.

✗ Avoid when

Teams without existing data warehouse infrastructure or security engineers who prefer GUI-driven rule editors.

What is Panther?

Panther is a cloud-native SIEM that stores security logs in your own Snowflake, Athena, or Databricks warehouse rather than a proprietary store. Detections are Python functions, version-controlled in Git, so security engineers adopt software-engineering workflows. Popular with cloud-forward companies (Figma, Dropbox, Asana) who found Splunk and Datadog pricing unworkable.

Key features

✓Detection-as-code with Python

✓Bring-your-own Snowflake/Databricks/Athena

✓Prebuilt detections and data models

✓Alert destinations and investigations

✓Security Data Lake architecture

Integrations

SnowflakeAWSOktaCrowdStrike

💰 Real-world pricing

What people actually pay

No price data yet — be the first to share

No price data yet for Panther. Help the community — share what you pay (anonymized).

User Reviews

Be the first to review this tool