v1.37
Jun 28, 2022
Features
- Panther’s new MITRE ATT&CK® Matrix, which allows you to easily map and compare detections, is now available for use with Panther’s built-in detections and custom detections.
- The MITRE ATT&CK Matrix integration Panther enables you to compare your detection coverage against this framework, helping you identify areas of opportunity.
- A visualization of the Matrix is available in the Panther Console in Detections > MITRE ATT&CK®.
- Pull Snyk Audit Logs with Panther’s new Snyk log puller.
Enhancements
- Panther audit logs now show Panther Console login events.
- In the Panther Console, column filters you set in the Data Explorer now persist throughout your user session.
- GraphQL permissions have been made public; when using the Roles API in GraphQL, any permission may now be selected.
- The following fields have been added to the CloudTrail schema:
- eventCategory
- tlsVersion
- addendum
- sessionCredentialFromConsole
- edgeDeviceDetails
- The pipe character (|), also known as a vertical bar, is now supported as a delimiter character for custom schema files..
- When adding an AWS log source in the Panther Console, clicking the Launch AWS Console button now redirects you to your current AWS region instead of Panther’s region.
- Panther’s CloudFormation deployment parameters have been updated.
Bug Fixes
- Fixed a bug that could cause log onboarding through AWS.AuroraMySQLAudit to fail when double quotation marks were present in the log.
- Fixed a bug that did not display newly-invited users in the user list until after refreshing the page. New users now appear without needing to refresh.