panther-analysis

Panther is a security analytics platform built for cloud-focused security teams.

Panther lets teams define detections as code, test them locally, and upload them programmatically to their Panther deployment.

Quick Start

# Clone the repository
git clone git@github.com:panther-labs/panther-analysis.git
cd panther-analysis

# Configure your Python environment
make install
make venv
source venv/bin/activate

# Install dependencies and run your first test!
make deps
panther_analysis_tool test --path aws_cloudtrail_rules/

Getting Started

The examples below demonstrate the local Panther workflow:

# Run detection tests (usage)
panther_analysis_tool test [-h] [--path PATH]
                           [--filter KEY=VALUE [KEY=VALUE ...]]
                           [--debug]

# Test with a specific path
panther_analysis_tool test --path cisco_umbrella_dns_rules

# Test by severity
panther_analysis_tool test --filter Severity=Critical

# Test by log type
panther_analysis_tool test --filter LogTypes=AWS.GuardDuty

# Create a zip file of detections
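The commands above run the `Tests:` entries of each detection's spec file against its Python rule. The following is an added example, not a rule shipped in panther-analysis: a detection as code for AWS CloudTrail console logins that succeed without MFA, written in the `rule()` / `title()` / `severity()` / `dedup()` shape Panther rules use, with constructed test events in the form of a spec file's `Tests:` list and a small stand-in for the pass/fail comparison `panther_analysis_tool test` performs. The `_deep_get` helper stands in for Panther's `panther_base_helpers.deep_get`, the event is a plain dict rather than a Panther event object, and the `SamlProviderArn` / `MFAUsed` field layout is assumed from CloudTrail's ConsoleLogin event shape.

```python
"""Added example: a Panther-style detection as code plus a stand-in test runner.
Illustrative only; not a rule from the panther-analysis repository."""

# Assumed: Panther invokes rule()/title()/severity()/dedup() with an event that
# supports .get(); a plain dict is used here so the example runs offline.


def _deep_get(obj, *keys, default=None):
    """Stand-in for panther_base_helpers.deep_get: walk nested dicts safely."""
    for key in keys:
        if not isinstance(obj, dict):
            return default
        obj = obj.get(key)
        if obj is None:
            return default
    return obj


def rule(event):
    """Fire on a successful AWS console sign-in that did not use MFA.
    SAML-federated sessions are skipped: MFA is enforced at the IdP and
    CloudTrail reports MFAUsed=No for them, so they would be false positives."""
    if event.get("eventName") != "ConsoleLogin":
        return False
    if _deep_get(event, "responseElements", "ConsoleLogin") != "Success":
        return False
    if _deep_get(event, "additionalEventData", "SamlProviderArn"):
        return False
    return _deep_get(event, "additionalEventData", "MFAUsed") == "No"


def title(event):
    user = _deep_get(event, "userIdentity", "arn", default="<unknown>")
    return f"AWS console login without MFA by [{user}]"


def severity(event):
    # Root credentials without MFA are the worst case; escalate dynamically.
    if _deep_get(event, "userIdentity", "type") == "Root":
        return "CRITICAL"
    return "HIGH"


def dedup(event):
    # One alert per principal per dedup window, regardless of source IP.
    return _deep_get(event, "userIdentity", "arn", default="unknown")


def _login(user_type, arn, result, mfa, saml=None):
    """Build a constructed ConsoleLogin event (not real CloudTrail data)."""
    extra = {"MFAUsed": mfa}
    if saml:
        extra["SamlProviderArn"] = saml
    return {
        "eventName": "ConsoleLogin",
        "userIdentity": {"type": user_type, "arn": arn},
        "responseElements": {"ConsoleLogin": result},
        "additionalEventData": extra,
    }


ACCT = "123456789012"
# Constructed cases in the shape of a spec file's Tests: list.
TESTS = [
    {"Name": "IAM user login without MFA", "ExpectedResult": True,
     "Log": _login("IAMUser", f"arn:aws:iam::{ACCT}:user/alice", "Success", "No")},
    {"Name": "Root login with MFA", "ExpectedResult": False,
     "Log": _login("Root", f"arn:aws:iam::{ACCT}:root", "Success", "Yes")},
    {"Name": "Failed login without MFA is not a session", "ExpectedResult": False,
     "Log": _login("IAMUser", f"arn:aws:iam::{ACCT}:user/bob", "Failure", "No")},
    {"Name": "SAML federated login is skipped", "ExpectedResult": False,
     "Log": _login("AssumedRole", f"arn:aws:sts::{ACCT}:assumed-role/Admin/carol",
                   "Success", "No", saml=f"arn:aws:iam::{ACCT}:saml-provider/okta")},
]


def run_tests(tests=TESTS):
    """Mimic the check panther_analysis_tool test performs for each case:
    feed Log to rule() and compare with ExpectedResult. Returns failed names."""
    return [case["Name"] for case in tests
            if rule(case["Log"]) != case["ExpectedResult"]]


if __name__ == "__main__":
    failed = run_tests()
    print("all tests passed" if not failed else f"failed: {failed}")
```

In a real repository the rule file sits beside a YAML spec carrying `AnalysisType: rule`, `RuleID`, `LogTypes: [AWS.CloudTrail]`, `Severity`, and the `Tests:` list; `--filter LogTypes=AWS.CloudTrail` or `--filter Severity=High` selects it by those spec fields, and the failure case above is what catches a rule that forgets to check `responseElements`.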
