v1.27

27 Jan, 2022

New and Noteworthy

  • Lookup Tables allow you to add important context to your detections and alerts for improved investigation workflows. Use Lookup Tables to enhance alerts with metadata and context, such as identity/asset information, vulnerability context, and network maps. (docs)
  • Pull your audit logs from Atlassian with our new native Atlassian Log Puller integration. (docs)

Features

  • New alert functionality for when Panther fails to successfully scan cloud security resources. (docs)
  • Data sent to Panther via log ingestion will now be backed up in a Panther-managed S3 bucket for improved data resiliency. (docs)

Enhancements

  • The custom detection pack sources experience has been moved to the "Packs" page under the "Analysis" tab for improved navigation. (docs)
  • Panther will now generate a GetObject system error alert if an S3 bucket is onboarded with an incorrect stream type.
  • Improved and simplified the setup process for onboarding AWS CloudWatch Logs as a data transport.
  • All steps in the log source onboarding experience are now active, which simplifies editing a log source after initial setup.
  • Panther will now generate a GetObject system error alert if a GZIP file becomes corrupted.

Bug Fixes

  • Fixed an issue that caused the rules engine to fail to report rule errors for scheduled queries.