v1.35

31 May, 2022

Features

  • You can now filter by column, without writing SQL, in the Results table of the Data Explorer in the Panther Console.

Enhancements

  • Panther’s backend has been upgraded from Python 3.7 to Python 3.9.
  • The Source ID and an option to copy the Source ID have been added to the Basic Info section of the Log Source operations page in the Panther Console.
  • The alarm that generates alerts for missing data for audit logs is now disabled by default.
  • The organization of metadata in the Detections Details tab of the Panther Console has been refreshed.
  • When viewing the Rule Matches tab of a Detection in the Panther Console, “Open” and “Triaged” filters are now applied by default. This is consistent with the default filters applied in the Alerts tab in the Alerts & Errors section of the Console.
  • The Overview page in the Panther Console now lists rules by rule name instead of rule ID. Additionally, the rule name can now be edited from the Overview page.
  • When listing alerts using the Panther API, a date range is now required.
  • The following parameters have been added to Panther’s CloudFormation deployment parameters:
    • DatadogAPIKey
    • DatadogExtensionVersion
    • DatadogEnabled
    • EnableReports
    • AirgapSubnetOneIPRange
    • AirgapSubnetTwoIPRange
    • FeatureSandboxedExecFlows
    • EnableIntelligentTiering
    • SlowRuleMaxDuration
    • SnowflakeDDLUpdateConcurrency

Bug Fixes

  • Fixed a bug that displayed null values in the JSON viewer.
  • Fixed a bug that caused the Panther Analysis Tool test to fail to load global helpers when importing globals in alphabetical order.