Book a Meeting

Watch our latest fireside chat with Doug Cahill: Cybersecurity Integrations: The ROI Black Hole

Synqly Expands Panther Labs Integration to Include Full SIEM Capabilities

February 23, 2026

We are pleased to announce that a new integration is live within the Synqly integration partner ecosystem. As modern security operations teams increasingly adopt cloud-native architectures, we are dedicated to ensuring our customers have access to the most advanced tools on the market. We are excited to share that OEM customers can now integrate with Panther Labs via the Synqly unified API to enable comprehensive SIEM use cases. This addition empowers security vendors to seamlessly interact with Panther’s detection-as-code platform beyond just event streaming, creating immediate value for end users who rely on Panther for incident response and threat investigation.

Panther Labs has redefined the traditional SIEM model by building a serverless, cloud-native platform designed for extreme scale and flexibility. Unlike legacy systems that struggle with the volume of modern data, Panther uses a detection-as-code approach, allowing security teams to write Python-based detections and automate their response workflows. Panther’s platform enables organizations to centralize security data in a data lake for real-time analysis, ensuring threats are identified and remediated quickly and precisely. As a supported provider in the SIEM category, Panther serves as a critical hub for security telemetry and investigation workflows, making it an essential integration for any vendor building security operations features.

Synqly customers can leverage this integration to perform vital bi-directional data functions within their own products. The connector is specifically designed for the SIEM category, enabling vendors to query alerts, events, and investigations directly from a customer’s Panther instance. By using the “Query Alerts” and “Get Investigation” capabilities, security vendors can ensure that their analysts have the most up-to-date context when responding to incidents. The integration enables vendors to update investigations and retrieve evidence, streamlining case management across tools. The integration handles the authentication and connection management, ensuring that the data pipeline remains robust and secure without requiring the vendor to manage the underlying API complexity.

The value of this connector lies in its ability to bridge the gap between product telemetry and active security operations. By integrating through the Synqly unified API, we enable our OEM customers to support Panther as both a source of intelligence and a destination for events without building a custom adapter. Customers can now deliver a streamlined experience in which their product data is automatically formatted for Panther, while simultaneously pulling critical alert data back into their own interfaces. This efficiency allows product teams to focus on generating high-quality security insights rather than maintaining infrastructure for complex API interactions.

For those interested in implementing this new capability, we have provided documentation to guide you through the setup process. You can find detailed instructions for configuring the connector and using the available endpoints in our documentation. We encourage all current and prospective customers to explore how they can enhance their product offerings by leveraging this powerful new integration.

To learn more about the specific endpoints and configuration steps, please visit the Panther SIEM Configuration Guide within the Synqly documentation.