Panther Labs, provider of a cloud-scale security analytics platform trusted by many of the world's leading brands, and GreyNoise Intelligence, a cyber security company that analyzes internet-scanning traffic to separate threats from background noise, have partnered to provide integrated threat intelligence to all Panther customers through new out-of-the-box data enrichment.
With this innovation, security teams can stay focused on critical alerts and reduce alert fatigue by ruling out internet background noise in their detection and alerting logic.
It is increasingly difficult for security teams to separate signal from noise, due to the exponential increase in security-relevant data generated by cloud infrastructure and the alarming pace with which attackers can evolve their tools, techniques and processes. In fact, in a recent survey of security engineers on the state of SIEM, excessive alerts and false positives were ranked as the first and second most significant challenges they face with SIEM platforms. This is concerning given that the SIEM platform is often the foundational tool used by security teams to identify and triage alerts.
"Modern security teams need a fast, flexible and scalable platform for threat detection capable of analyzing terabytes of data per day, with built-in threat intelligence to rule out activity from trusted sources and immediately flag activity from known bad actors," said Jack Naglieri, CEO and founder, Panther Labs. "With Panther and GreyNoise, security teams can cut through background noise, improve alert fidelity, speed up analyst workflows and ensure prioritization of the most critical alerts. By making detection and response faster and more accurate, security teams can better protect their organizations from disruptive cyberattacks."
All Panther customers now have access to GreyNoise data enrichment within the Panther security intelligence platform. This new integration enables security teams to craft detections using contextual data from GreyNoise to evaluate network behavior, and trigger or suppress alerts accordingly. Additionally, context from GreyNoise can be appended to alerts to provide actionable details to speed incident response.
Two levels of threat intelligence data are available through this integration:
"With GreyNoise and Panther, our team can stay focused on identifying and preventing attacks and minimize time spent on irrelevant alerts," said Swarup Pattnaik, Director of Detection Engineering & Incident Response, AirTable.
Almost 50% of security engineers surveyed in Panther's "Life as a Security Engineer" research report are feeling very burned out at work. Alert fatigue is certainly an important contributing factor to these feelings of burnout.
Adopting a modern toolset like the Panther platform, with threat intelligence from GreyNoise, can deliver substantial reductions in false positives while helping security teams feel more confident in their ability to protect their organizations.
To learn more about how to reduce alert fatigue with Panther and GreyNoise, join the live webinar on April 6, 2022, at 11 a.m. PT by registering here: https://panther.com/resources/webinars/how-to-reduce-alert-fatigue-with-panther-and-greynoise/.
About Panther Labs
Panther Labs powers security monitoring for many of the world's premier brands. We provide a fast, flexible and scalable platform for threat detection and incident response, capable of analyzing terabytes of data per day in real time. By adopting a serverless architecture and detection-as-code, Panther frees security teams from the slow performance, heavy operational overhead, and high cost of traditional SIEM. Panther was founded by a team of veteran security practitioners and is trusted by customers like Dropbox, Zapier, Snowflake, and more.
About GreyNoise Intelligence
GreyNoise is THE source for understanding internet noise. We collect, analyze and label data on IPs that saturate security tools with noise. This unique perspective helps analysts waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats. GreyNoise is trusted by Global 2000 enterprises, government organizations, top security vendors and tens of thousands of threat researchers. For more information, please visit https://www.greynoise.io/, and follow us on Twitter and LinkedIn.