Feb 21, 2024

Now Generally Available


  • Panther’s schema inference tool will now only switch from an object to a json property if the incoming json has 200 or more fields. 
  • Field Discovery is now available for all parser types including fastmatch and regex.
  • Added support for Azure Government Cloud.

Panther Developer Workflows

  • panther-analysis version 3.42.0 was released, containing the following notable changes:
    • Separated Simple Detections into a new simple_rules directory in the top-level rules directory.
    • All Simple Detections now have a _simple suffix.

Bug Fixes

  • Slack bot now maintains special characters “<”, “>”, and “&” in message fields after update, notably in alert title and runbook.
  • Added support for long alert indicators.
  • Fixed an issue that caused endless get events pagination.
  • Newlines in Simple Detection tests no longer cause the test to fail.
  • Fixed a bug where users were unable to remove all log types from a destination once a single log type had been set.
  • Cloned rules with duplicate IDs of an existing rule no longer crash on save.
  • Fixed a bug in the clone and inherit rule forms that caused your cursor to move to the end of the text box after every button press.
  • Fixed an issue with Panther users displaying as Panther (Deactivated) in the Panther Console.
  • Fixed an issue that prevented long alert activity history text from wrapping correctly.

Previous Releases

v1.99 Feb 14, 2024
Added the ability to configure dynamic severity, alert context, and groupby functions for Simple Detections in the Panther Console.
v1.98 Feb 7, 2024
Ingest Amazon Security Lake logs using our new built-in integration.
v1.97 Jan 31, 2024
Quickly investigate your data using the new OR filters, filter groups, and IoC searching functionalities in the Panther Search tool.