Jun 28, 2022


  • Panther’s new MITRE ATT&CK® Matrix, which allows you to easily map and compare detections, is now available for use with Panther’s built-in detections and custom detections.
    • The MITRE ATT&CK Matrix integration Panther enables you to compare your detection coverage against this framework, helping you identify areas of opportunity.
    • A visualization of the Matrix is available in the Panther Console in Detections > MITRE ATT&CK®.
  • Pull Snyk Audit Logs with Panther’s new Snyk log puller.


  • Panther audit logs now show Panther Console login events.
  • In the Panther Console, column filters you set in the Data Explorer now persist throughout your user session.
  • GraphQL permissions have been made public; when using the Roles API in GraphQL, any permission may now be selected. 
  • The following fields have been added to the CloudTrail schema:
    • eventCategory
    • tlsVersion
    • addendum
    • sessionCredentialFromConsole
    • edgeDeviceDetails
  • The pipe character (|), also known as a vertical bar, is now supported as a delimiter character for custom schema files..
  • When adding an AWS log source in the Panther Console, clicking the Launch AWS Console button now redirects you to your current AWS region instead of Panther’s region.
  • Panther’s CloudFormation deployment parameters have been updated.

Bug Fixes

  • Fixed a bug that could cause log onboarding through AWS.AuroraMySQLAudit to fail when double quotation marks were present in the log.
  • Fixed a bug that did not display newly-invited users in the user list until after refreshing the page. New users now appear without needing to refresh.

Previous Releases

v1.36 Jun 14, 2022
In beta: you can now generate schemas from AWS S3 buckets within the Panther Console.
v1.35 May 31, 2022
You can now filter by column without writing SQL when working within the Results table located in the Data Explorer in the Panther Console.
v1.34 Apr 26, 2022
Panther now generates audit logs for Panther administrator activity. Panther audit logs provide a read-only history of activity within your Panther deployment.