Cloud-based security analytics company Panther Labs on Thursday announced $120 million in Series B funding, taking its valuation to $1.4 billion.
Panther’s news came a day after ReliaQuest’s valuation topped $1 billion, a sign that the security funding market has continued to heat up as the year closes.
The company plans to enhance its platform to solve the limitations of existing security information and event management (SIEM) platforms, delivering proactive security monitoring and analytics designed for cloud environments.
“Rapid cloud adoption has transformed the way businesses operate and security teams are overwhelmed by increasing data volumes and an ever-expanding attack surface,” said Jack Naglieri, founder and CEO of Panther Labs. “Legacy SIEM platforms weren’t built for the cloud and can’t deliver the speed, scale and flexibility needed by modern security teams.”
Panther’s recent State of SIEM 2021 report underscored the challenges security teams face with traditional SIEM platforms. Some 18% of security practitioners said it took more than 12 months for deployment and implementation of their SIEM, 24% said the biggest challenge with a SIEM platform was too many alerts, and 46% said cost versus capabilities do not align at their company.
The adoption of cloud-native technologies brings a deluge on security teams because they need ways to keep up with rapid development cycles, said Melinda Marks, a senior analyst at the Enterprise Strategy Group.
“SIEMs provide the logs and data for security and compliance, but the value is in the speed of analysis – how quickly it can help the security team find a needle in a haystack of data instead of having to go through and spend their cycles to analyze the data themselves,” Marks said. “The cloud environments have different, more dynamic components that need to be monitored and analyzed. So taking a modernized approach is important to help security teams scale with cloud-native development.”
Kevin Dunne, president at Pathlock, said while SIEMs have become an established market, the category has changed. He said larger companies that have heftier budgets and can afford dedicated SIEM teams and infrastructure deploy more traditional products like Splunk. Smaller, more nimble organizations find that those products are too expensive and cumbersome and are adopting more modern solutions like Panther.
Dunne said Panther solves a few important problems that exist when smaller organizations attempt to adopt an enterprise solution like Splunk:
- Licensing costs are often tremendous. Costs are based on the number of logs processed, and that does not always scale well with company revenue (especially for B2C companies with large volumes of customers).
- The infrastructure to deploy enterprise solutions does not scale with revenue, and requires specific resources for hosting and management of the solutions.
- Adoption and customization of enterprise solutions get cumbersome and require companies to train dedicated personnel.
“Panther has taken a new approach to this problem by providing a cost-effective solution, which is hosted in the cloud and relies on knowledge that most DevOps personnel would already have, such as Python,” Dunne said. “While it may not be what every enterprise demands when it comes to a SIEM solution, it will certainly provide a worthy alternative for small and medium-sized businesses looking for a more tailored product for their environment.”
John Bambenek, principal threat hunter at Netenrich, said SIEMs do “security information” fine, but don’t even begin to address “event management.”
“If a company has qualified people, they can do that work in the SIEM manually, but what organizations need are tools and automation that do most of the work for them instead of forcing them to shovel most of their OpEx out the door and then have to hire a team to do the work the tool promised to do in the first place,” Bambenek said.
Jon Oltsik, senior principal analyst and ESG Fellow, added that Panther Labs has followed a consistent trend of taking an existing security technology, modernizing its design/development, and focusing it on cloud-native technologies.
“We’ve seen this in application security, workload security, and now we see it with SIEMs,” Oltsik said. “The issues with cloud security monitoring include scale, tracking ephemeral activities, monitoring APIs, and understanding how these behaviors relate to cyber-threats. Clearly, Panther Labs has bet it can do these things better than traditional SIEM vendors, while appealing to cloud developers and cloud security architects. Other security firms have been successful with a similar strategy so there’s certainly an opportunity for Panther Labs.”
Frank Dickson, vice president for security and trust at IDC, said hybrid and multi-cloud IT architectures create complexity that will get worse before it gets better.
“The issue of complexity increases the attack surface, creating an acute visibility and detection problem,” Dickson said. “For those looking to solve the problem and address the market need, there’s a $22 billion security analytics opportunity by 2025. The promise of a total available market of that size will continue to draw funding. The winners and losers have yet to be decided.”