Hacker News new | past | comments | ask | show | jobs | submit login

I doubt that’s true. There are plenty of people who would like to improve their cloud security but find the tooling very inaccessible. Particularly in small teams which the blog says is a target market.

He’s not wrong, and because of all the snake oil in the security industry, it’s kind of important to point this out and set realistic expectations for investing in these kinds of products. This won’t improve your security. An incident response team will (well, maybe). It’s a tool for incident response teams. It is a money pit to anyone else - even if it’s “free”.

Looking through Panther, I think many of the cloud security tools are useful for the standard cloud engineer. Many of the features I've seen small companies build by hand - usually poorly. And if the autoremediation works as advertised, this tool would drastically simplify some common pain-points (i.e. we all know the practices to avoid, but hooking up the infrastructure to detect and fix it is a time-consuming PITA).

Even if you're too small to have an incident response team, if you work on the cloud, you need to prevent these common security issues. I can't imagine using a tool built for the purpose is more of a money pit than writing it yourself as many cloud engineers end up doing.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact