Home

Panther is a powerful, flexible, and cloud-native platform for securing your Cloud Infrastructure. It works by scanning your environment, observing changes in real-time, and alerting if a misconfiguration or suspicious activity is detected.

Panther enables teams to define the ideal resource state in code as Python Policies and Rules, and optionally configure to auto-remediation to fix your cloud infrastructure.

Panther can be used deployed as a SaaS or deployed within your own AWS Cloud.

Example Policy

Each entity within an AWS account is defined as a Resource. Each Resource has a set of attributes that can be referenced in a Policy. Policies can be defined either in the web UI or in a set of Python and YAML or JSON files.

The example below analyzes AWS.S3.Bucket resources to determine if a Public ACL was applied to it.

example_policy.py
example_polcy_spec.yml
example_policy.py
GRANTEES = {
'http://acs.amazonaws.com/groups/global/AuthenticatedUsers',
'http://acs.amazonaws.com/groups/global/AllUsers'
}
PERMISSIONS = {'READ'}
def policy(resource):
for grant in resource['Grants']:
if grant['Grantee']['URI'] in GRANTEES and grant['Permission'] in PERMISSIONS:
return False # Non-Compliant
return True # Compliant
example_polcy_spec.yml
Filename: example_policy.py
DisplayName: Example Policy to ensure S3 buckets are not world readable.
PolicyID: Example.Policy.01
Enabled: true
ResourceTypes:
- AWS.S3.Bucket
Tags:
- AWS
- S3
- SOC 2
Runbook: Confirm with the user who made the bucket public or add to the ignore list.
Reference: https://docs.aws.amazon.com/AmazonS3/latest/user-guide/set-permissions.html
Tests:
-
Name: Compliant bucket
ResourceType: AWS.S3.Bucket
ExpectedResult: true
Resource:
Key: Values
For: Our Resource
Based: On the Schema

Benefits

  • Modern, fully managed, and cloud-native platform built on top of Serverless.

  • Powerful Web UI to create/update/tune policies, browse resources, visualize the state of your cloud, and more.

  • Scalable to support any number of AWS accounts to obtain unified visibility and control.

  • Quick to detect changes and send alerts as resources change and fail policy checks.

Use Cases

  • Detect Vulnerable Cloud Components to ensure security best practice and identify misconfigured Cloud resources.

  • Stay Compliant by enforcing security controls from industry standards such as CIS, PCI DSS, and more.

  • Use Panther's Open Source Auto-Remediation Lambda function to safely and quickly fix non-compliant resources.

Quick Start