About Panthero
Defence that has been
attacked, fixed, and proven
Panthero is the defensive half of the Panthero + Keelr autonomous offensive-defensive loop. Built in Europe, for teams that want their security posture verified, not just claimed.
Our mission
Close the loop between offence and defence
Security vendors sell either defence or offence. Defensive vendors cannot credibly run offence. Offensive vendors stop at findings and hand the fix back to the customer. The gap between "we found something" and "it is actually fixed and cannot be exploited any more" is where real breaches live.
Panthero and Keelr exist to close that gap. Keelr attacks. Panthero defends. Every fix gets re-attacked by Keelr to prove it holds. The whole cycle runs autonomously to staging; a human gates the push to production. This is what Attack-Proven Defence means.
Our vision
Two sibling platforms, one closed loop
Two products, two domains, two brands. One single loop. Keelr at keelr.co runs the offensive half. Panthero at panthe.ro runs the defensive half. Customers can buy either standalone, or bundle them into The Loop for Attack-Proven Defence.
The wedge is structural, not feature-based. Defensive incumbents cannot run offence without acquiring an offensive vendor. Offensive incumbents cannot own remediation without becoming a managed service. Only a platform built as a loop from day one can credibly sell continuous adversarial validation. That is us.
Keelr attacks, Panthero defends.
- Continuous adversarial simulation (Keelr)
- Defensive intelligence + active defence (Panthero)
- Behavioural scoring across both halves
- Agent-driven remediation + compensating defence
- Re-attack validation of every fix
- Human gate on production promotion
Our journey
Three decades in the making
Panthero did not appear overnight. It is the product of decades of hands-on work defending real infrastructure from real attackers - and building the offensive tooling to prove the defence works.
1996
It started with BASH
The first scripts were written to protect Linux servers and websites - automated firewall builders, log scrapers, and custom vulnerability scanners. Hand- crafted defence (and the offensive tooling to test it) for the open internet of the 1990s.
2013
The first ML model
Years before Panthero existed, the first machine- learning model was built to score traffic by behaviour - not just by origin. The idea that survives in every line of Panthero today started here.
2018
Panthero launches
panthe.ro is registered. The first production ML model goes live the same year. The platform that connects decades of defensive tools and intelligence into one unified product is born.
2026
The loop closes
Panthero + Keelr relaunch as the autonomous offensive- defensive loop. Keelr attacks, Panthero defends, the loop never stops. Continuous adversarial validation, EU-sovereign by design - the original vision, shipped.
Today, Panthero defends infrastructure for teams who refuse to compromise on security - and Keelr proves it works by attacking it. Every blocked request makes the platform sharper. Every customer we defend makes the next one safer.
Where we operate
Built in Europe. Sovereign by design.
EU regions
Infrastructure operated across multiple regions in Europe. Multi-region by design - latency, redundancy, and data residency that European security teams expect by default.
NIS2 + DORA aligned
Continuous adversarial validation maps to NIS2's technical-and-organisational-measures requirements and DORA's threat-led penetration testing obligations. The evidence trail your auditor needs, generated as a by-product of normal operation.
Security-first engineering
Every line of code starts with a security review. HMAC authentication, zero implicit trust, and strict policy enforcement are not features we sell - they are requirements we hold ourselves to.
Founder & CTO
Marius Boitor
The journey started in 1996. I began with BASH scripts protecting Linux servers, and from there built custom automated vulnerability scanners for the websites and infrastructure I was responsible for. Offensive and defensive tooling grew together, because you cannot prove a defence works without attacking it.
Panthero launched in 2018 as the defensive platform. Keelr launches as its offensive sibling in 2026. Together they are the autonomous loop the original idea was always aiming at - and today they defend infrastructure for teams that take security seriously.
Let's talk security
Have questions about the platform, the loop, or how Panthero fits your infrastructure? We'd love to hear from you.