v1.18

Jun 8, 2021

New and Noteworthy

  • View and clone Panther-managed schemas in the UI for simpler schema management
  • Pivot from IP addresses, ARNs, and other indicators in alerts to investigate hits across data sources

Features

  • Data that fails to normalize due to a parsing error is now searchable in the data lake
  • Mock external API calls when unit testing detections to build effective detections (docs)

Enhancements

  • Scheduled queries and saved queries are now supported in Detection Packs
  • A table with "flat" GSuite data is created to more easily query and write detections against GSuite logs
  • CrowdStrike event tables are available to more easily query and write detections against CrowdStrike logs
  • Snowflake configuration steps have been updated for self-hosted customers upgrading to 1.18

Bug Fixes

  • Password reset flow is broken: this fixes a blank screen that appears after resetting a password
  • UI loses query ID: this fixes the query ID being dropped when toggling between Query History and Data Explorer