Panther Labs, provider of a cloud-scale security analytics platform trusted by many of the world's leading brands, and GreyNoise Intelligence, a cyber security company that analyzes internet-scanning traffic to separate threats from background noise, have partnered to provide integrated threat intelligence to all Panther customers through new out-of-the-box data enrichment.
With this innovation, security teams can stay focused on critical alerts and reduce alert fatigue by ruling out internet background noise in their detection and alerting logic.
It is increasingly difficult for security teams to separate signal from noise, due to the exponential increase in security-relevant data generated by cloud infrastructure and the alarming pace with which attackers can evolve their tools, techniques and processes. In fact, in a recent survey of security engineers on the state of SIEM, excessive alerts and false positives were ranked as the first and second most significant challenges they face with SIEM platforms. This is concerning given that the SIEM platform is often the foundational tool used by security teams to identify and triage alerts.
"Modern security teams need a fast, flexible and scalable platform for threat detection capable of analyzing terabytes of data per day, with built-in threat intelligence to rule out activity from trusted sources and immediately flag activity from known bad actors," said Jack Naglieri, CEO and founder, Panther Labs. "With Panther and GreyNoise, security teams can cut through background noise, improve alert fidelity, speed up analyst workflows and ensure prioritization of the most critical alerts. By making detection and response faster and more accurate, security teams can better protect their organizations from disruptive cyberattacks."
All Panther customers now have access to GreyNoise data enrichment within the Panther security intelligence platform. This new integration enables security teams to craft detections using contextual data from GreyNoise to evaluate network behavior, and trigger or suppress alerts accordingly. Additionally, context from GreyNoise can be appended to alerts to provide actionable details to speed incident response.
Two levels of threat intelligence data are available through this integration:
- Threat intelligence from the Basic GreyNoise package is available to all Panther customers, at no additional cost.
- Panther customers who wish to do more advanced filtering and threat hunting can upgrade to an Advanced GreyNoise package.
"With GreyNoise and Panther, our team can stay focused on identifying and preventing attacks and minimize time spent on irrelevant alerts," said Swarup Pattnaik, Director of Detection Engineering & Incident Response, AirTable.
Almost 50% of security engineers surveyed in Panther's "Life as a Security Engineer" research report are feeling very burned out at work. Alert fatigue is certainly an important contributing factor to these feelings of burnout.
Adopting a modern toolset like the Panther platform, with threat intelligence from GreyNoise, can deliver substantial reductions in false positives while helping security teams feel more confident in their ability to protect their organizations.
To learn more about how to reduce alert fatigue with Panther and GreyNoise, join the live webinar on April 6, 2022, at 11 a.m. PT by registering here: https://panther.com/resources/webinars/how-to-reduce-alert-fatigue-with-panther-and-greynoise/.
About Panther Labs
Panther Labs powers security monitoring for many of the world's premier brands. We provide a fast, flexible and scalable platform for threat detection and incident response, capable of analyzing terabytes of data per day in real time. By adopting a serverless architecture and detection-as-code, Panther frees security teams from the slow performance, heavy operational overhead, and high cost of traditional SIEM. Panther was founded by a team of veteran security practitioners and is trusted by customers like Dropbox, Zapier, Snowflake, and more.
About GreyNoise Intelligence
GreyNoise empowers the security teams of enterprises and global governments to act with speed and confidence by providing real-time, verifiable perimeter-based threat intelligence. This allows security teams to reduce noise in security operations, perform in-depth threat hunting campaigns, and focus on the most critical threats to their network. Our patented sensor technology enables us to collect and analyze unique threat data at-scale that no one else can. We provide the most actionable threat intelligence against mass internet scanning and exploitation, so that no attack works twice.For more information, please visit https://www.greynoise.io/, and follow us on Twitter and LinkedIn.
