v1.32

Apr 5, 2022

New and Noteworthy

  • GreyNoise is now available as an enrichment source in Panther.
    • Use Panther detection capabilities with GreyNoise threat intelligence data to reduce false-positive alerts by:
      • Ruling out internet background noise from external event sources to ensure you’re focused on the most critical events first.
      • Identifying potential opportunistic attacks that may have been allowed into your perimeter.
      • Identifying emerging threats based on GreyNoise context data and tagging.
    • To enable Analyst roles to view and manage GreyNoise packages in the Panther Console, they will need to be assigned the View Lookups and Manage Lookups permissions.
    • The Basic GreyNoise package is included for all Panther customers at no additional cost. The Advanced package, which includes expanded intelligence from GreyNoise for advanced filtering and threat hunting, requires a paid subscription to be activated. Learn more in our documentation or by watching the demo video below.

Features

  • Added the ability to use Terraform templates when setting up Google Cloud Storage (GCS) data transport and AWS cloud accounts in the Panther Console.

Enhancements

  • When updating the S3 configuration on a Lookup Table in the Panther Console, an informational warning is now displayed indicating that users must also update IAM permissions and provide a new role ARN.
  • Alert severities for Alert Destinations in the Panther Console are now visually distinct and incorporate iconography rather than just color.
  • Panther’s CloudFormation deployment parameters have been updated.

Bug Fixes

  • Fixed a bug that reported an incorrect number of “modified” queries when uploading a zip containing queries in the Bulk Uploader in the Panther Console.
`

Previous Releases

v1.31 Mar 22, 2022
 
v1.30 Mar 7, 2022
Added the ability to use Terraform templates when setting up Amazon S3 and CloudWatch Logs in the Panther Console.
 
v1.29 Feb 17, 2022