Jack Naglieri is an information security expert with 10+ years of experience leading detection and response initiatives at large consumer-facing companies. In addition to his role as CEO at Panther, Jack co-created and was the core developer of StreamAlert, an open source data analysis framework widely adopted by the security community.
Jack on his experience leading Airbnb's open-source security project, StreamAlert, preparing him to successively build and launch Panther.
(Jack talks about different open source security tools) - 0:48
Origins of StreamAlert (Serverless data analysis framework, built and open sourced at Airbnb) - 1:52
Why did I quit my job (How do we go from a fun open source project to a business with employees, customers and responsibilities? Early guidance: books like The Lean Startup and Zero To One, Marc Andresseen’s and Paul Graham’s blogs) - 3:51
Product planning (Basic questions: what are we going to build? Who is using the tool? What are their pain points? What are the key use-cases?) - 5:42
Forking vs Starting Fresh (Jack on the hard choice they had to make, pros and cons on both sides. Why did they choose starting fresh? Total project control, setting a new direction, new design with less debt.) - 11:07
Go Open Source (How Jack got inspired by Eric Schmidt to go open source. Jack talks about how open source helped them engage their user base - security engineers. How open source bring trust and elevates code quality. ) - 12:45
Run Panther (Jack explains how Panther works. Panther is built for cloud focused security firms - where it fits in their pipeline? How it does real-time monitoring and how it builds operational awareness and visibility? How Panther helps with visualizations, investigation and hunting? ) - 16:00
Why OSS? (Three key areas: scalable, powerful and open.) - 18:22
Why Enterprise? (Dedicated team of engineers, advanced features and hosting support, enterprise support for bigger security teams, continuous growth and refinement) - 19:47
Balancing Commercials and OSS (What technical decisions Panther had to make? How did they create a framework for feature segmentation? How did they decide on licensing (AGPLv3)?) - 21:54
Community! (How Panther engages with their community, security reporting, public Slack channel.) - 26:11
Pushing Forward (Jack talks about the future of Panther and the future of Commercial Open Source) - 27:22
Share your questions and comments below!