Test, manage, package, and deploy all of your detections using Panther’s CLI tool
Why CLI?
As a DevOps and security engineer, you likely prefer using the command line interface (CLI) as much as possible for simple tasks like editing and organizing files.
What is Panther’s CLI Tool?
Panther automates the security operations pipeline by using code to detect suspicious behaviors and cloud misconfigurations. Panther provides two primary mechanisms to create this code: in the UI, or with a CLI tool.
With the Panther analysis CLI tool, you can test, package, and deploy all of your Cloud Security Policies and Log Analysis Rules via the command-line interface. This enables detections to be managed in code and tracked in version control systems like GitHub, GitLab, and SVN.
The Panther Analysis Tool can assist with creation, local testing, zipping, and uploading detections to Panther to support developer-oriented workflows. For many DevOps and security engineers, this is a more natural workflow that supplements the use of the Panther user interface.
How does this impact you?
In addition to working with Rules and Policies, you can also use our CLI tool to:
Access and operate Panther from machines that don’t have a GUI, e.g. an EC2 instance
Enable team collaboration for building detections
Perform operational tasks such as listing sources, rules, alerts, etc
Automate tasks like uploading Rules and Policies
Onboard new log and cloud security sources
Run Panther upgrade scripts
Get Started
The Panther analysis tool is available on pip.
Simply install with:
For running tests, use:
Find documentation to write detections with the Panther Analysis Tool:
TL;DR
Panther’s Analysis Tool helps security practitioners test, package, and deploy Policies and Rules from the CLI.
