Panther Labs, provider of a cloud-scale security analytics platform trusted by many of the world’s leading brands, and GreyNoise Intelligence, a cyber security company that analyzes internet-scanning traffic to separate threats from background noise, have partnered to provide integrated threat intelligence to all Panther customers through new out-of-the-box data enrichment.
With this innovation, security teams can stay focused on critical alerts and reduce alert fatigue by ruling out internet background noise in their detection and alerting logic.
It is increasingly difficult for security teams to separate signal from noise, due to the exponential increase in security-relevant data generated by cloud infrastructure and the alarming pace with which attackers can evolve their tools, techniques and processes. In fact, in a recent survey of security engineers on the state of SIEM, excessive alerts and false positives were ranked as the first and second most significant challenges they face with SIEM platforms. This is concerning given that the SIEM platform is often the foundational tool used by security teams to identify and triage alerts.
“Modern security teams need a fast, flexible and scalable platform for threat detection capable of analyzing terabytes of data per day, with built-in threat intelligence to rule out activity from trusted sources and immediately flag activity from known bad actors,” said Jack Naglieri, CEO and founder, Panther Labs. “With Panther and GreyNoise, security teams can cut through background noise, improve alert fidelity, speed up analyst workflows and ensure prioritization of the most critical alerts. By making detection and response faster and more accurate, security teams can better protect their organizations from disruptive cyberattacks.”
All Panther customers now have access to GreyNoise data enrichment within the Panther security intelligence platform. This new integration enables security teams to craft detections using contextual data from GreyNoise to evaluate network behavior, and trigger or suppress alerts accordingly. Additionally, context from GreyNoise can be appended to alerts to provide actionable details to speed incident response.
Two levels of threat intelligence data are available through this integration:
- Threat intelligence from the Basic GreyNoise package is available to all Panther customers, at no additional cost.
- Panther customers who wish to do more advanced filtering and threat hunting can upgrade to an Advanced GreyNoise package.
“With GreyNoise and Panther, our team can stay focused on identifying and preventing attacks and minimize time spent on irrelevant alerts,” said Swarup Pattnaik, Director of Detection Engineering & Incident Response, AirTable.
Almost 50% of security engineers surveyed in Panther’s “Life as a Security Engineer” research report are feeling very burned out at work. Alert fatigue is certainly an important contributing factor to these feelings of burnout.
Adopting a modern toolset like the Panther platform, with threat intelligence from GreyNoise, can deliver substantial reductions in false positives while helping security teams feel more confident in their ability to protect their organizations.