v1.115
LATEST RELEASE
Sep 19, 2025
New and Noteworthy
Configure whether you’d like to receive alert assignment emails, as well as your individual timezone setting, in the Profile Settings page in the Panther Console.
Populate data in your custom Lookup Tables from a Google Cloud Storage (GCS) bucket.
Ingest data through the new Panther-managed log source integrations: Microsoft Intune, Microsoft Defender XDR, Docusign, and Axonius.
Configure your Scheduled Searches to send an email report each time they run, optionally including a CSV with the search results.
Use the p_any_cves and p_any_mitre_attack_techniques indicator fields, which enable faster searching across log types.
Enrich incoming logs with additional context through the MISP Warning Lists Enrichment Provider.
Open support tickets and browse the Knowledge Base directly in the Panther Console with the Pylon messenger.
Enhancements
Enable two-way comment syncing between your Slack Bot alert destination and the alert in the Panther Console. If you’d like to update an existing Slack Bot destination for two-way comment syncing, you must update your Slack app manifest.
Leverage the following enhancements to Panther AI:
Provide organization-specific context and direction to Panther AI with the Customer Profile field.
You can now select certain alerts to summarize with Panther AI, as well as manage AI summaries, from the alert list page.
The new listLogSourcesTool analyzes Panther's data integrations, providing detailed health monitoring and configuration insights.
Improve the security posture of your Snowflake Audit Logs integration in Panther with the ability to specify a custom database/schema and seamlessly rotate your RSA key.
Field discovery is enabled for the following Panther-managed log schemas: GitHub.Webhook, GitHub.Audit, Crowdstrike.EventStreams, GCP.AuditLog, GCP.HttpLoadBalancer, and Lacework.Events. Additional schemas will be enabled on a rolling basis.
Leverage case-insensitive condition support in filter chips in Inline Filters and Simple Detections.
Use allowContains and denyContains in your custom schemas to validate that string values contain or do not contain specific substrings.
Ingest XML-formatted logs enclosed in a root element.
Now Generally Available
Panther Developer Workflows
Since the last Panther release, the panther-analysis repository has published versions 3.82.0–3.85.0, which include a number of changes, such as:
New rules for Bedrock Model Invocation Logs
NX supply chain compromise detections for GitHub Audit and Webhook logs
The Panther Analysis Tool (PAT) has released version 1.1.0, which includes:
Schema updates to support Scheduled Search email reports
Bug Fixes
Changed type of id field of GitLab.Audit to be string instead of bigint
Jira comment syncing now functions properly for comments submitted through the Panther API
Fixed a bug that prevented bulk downloads when users had numerous Lookup Tables or Saved Searches
Fixed bug that would result in truncation of big numbers in rule matches results
Fixed an issue that would result in persistent 5xx errors when using the Panther Terraform provider to manage more than 10 HTTP sources
Fixed issue that would hide the error message for Workday and Anomali health check failures
Fixed issue that would result in Crowdstrike FDR CSPM policy events generating classification failures
Fixed issue that would result in several health check failures for Atlassian integrations that were otherwise working normally