v1.101

Feb 29, 2024

New and Noteworthy

The following features are in open beta and are available to all Panther customers.

  • Use normalized event filtering to filter out events after they have been parsed by a log schema.
  • Use our two new REST API endpoints for data models and queries to programmatically manage more of your detection content.

Now Generally Available

Enhancements

  • Data replay now supports inline filters.
  • Our existing Lacework log source integration has been split into two options in the log source setup page in the Panther Console: Lacework Export and Lacework Alert Channel Webhook.
    • These options more clearly represent previously existing configuration options when setting up a Lacework log source.

Bug Fixes

  • Fixed a bug with re-delivering alerts where only rule alerts would get re-delivered (and not, for example, system health alerts) when a user manually clicked the “re-deliver alert” button.
  • Fixed an issue with detection rule match list filters in the Console that prevented them from functioning as intended.
  • Alert IDs will now be deduplicated when a user requests the same alert ID multiple times in a public API request, instead of returning an error.
  • The Simple Detection Console builder now supports boolean False and empty string comparisons.
  • Fixed a bug with Simple Detection KeyPaths where uppercase keys after an array index were impossible to match against.
  • Fixed a bug that treated rule errors as rule matches when attempting to re-deliver alerts. 

Previous Releases

v1.100 Feb 21, 2024
Our built-in Carbon Black, Netskope, and Tenable log sources are out of their open beta phase and are now generally available.
 
v1.99 Feb 14, 2024
Added the ability to configure dynamic severity, alert context, and groupby functions for Simple Detections in the Panther Console.
 
v1.98 Feb 7, 2024
Ingest Amazon Security Lake logs using our new built-in integration.