Each page in this section describes the purpose and reasoning for the AWS related policies distributed by Panther. They also include guidance on how to remediate policy failures, along with recommended steps and security best practices.
To view all Policies in the Panther UI, click the
Policies button on the sidebar. Policies can be filtered and sorted based on:
Initially, a Policy's
status will be
Insufficient data until an event matching the given log type is analyzed. Once it's analyzed, Alerts will dispatch via the configured Output for the policy's severity and will show up in the Policy Dashboard.
To display an overview of all
Failing Policies, click the Panther Icon in the top left to open the Dashboard. The Dashboard allows Policies to be sorted by Severity on the top right, to allow for easier drill-downs into failing Policies.