v1.35

May 31, 2022

Features

  • You can now filter by column without writing SQL when working within the Results table located in the Data Explorer in the Panther Console.

Enhancements

  • Panther’s backend has been upgraded from Python 3.7 to Python 3.9.
  • The Source ID and an option to copy the Source ID have been added to the Basic Info section of the Log Source operations page in the Panther Console.
  • The alarm that generates alerts for missing data for audit logs is now disabled by default.
  • The organization of metadata in the Detections Details tab of the Panther Console has been refreshed. 
  • When viewing the Rule Matches tab of a Detection in the Panther Console, “Open” and “Triaged” filters are now applied by default. This is consistent with the default filters applied in the Alerts tab in the Alerts & Errors section of the Console.
  • The Overview page in the Panther Console now lists rules by rule name instead of rule ID. Additionally, the rule name can now be edited from the Overview page.
  • When listing alerts using the Panther API, a date range is now required.
  • Panther’s CloudFormation deployment parameters have been updated.

Bug Fixes

  • Fixed a bug that displayed null values in the JSON viewer.
  • Fixed a bug that caused the Panther Analysis Tool test to fail to load global helpers when importing globals in alphabetical order.

Previous Releases

v1.34 Apr 26, 2022
Panther now generates audit logs for Panther administrator activity. Panther audit logs provide a read-only history of activity within your Panther deployment.
 
v1.33 Apr 19, 2022
Data Replay is now available on Detection pages in the Panther Console. When writing or updating a detection, you can use Data Replay to simulate what type of alerts you are likely to receive before deploying the detection.
 
v1.32 Apr 5, 2022
GreyNoise is now available as an enrichment source in Panther. Use Panther detection capabilities with GreyNoise threat intelligence data to reduce false-positive alerts.