Oct 18, 2022
New and Noteworthy
- GCP Pub/Sub is now available as a data transport for ingesting custom data into Panther.
- This feature is currently in open beta and is available to all customers.
- Added the ability to quickly enable relevant Panther Detection Packs for a log source during the log source setup process.
- Added a new Panther-managed Lookup Table for Tor exit nodes.
Now Generally Available
- Panther’s Microsoft Graph log puller is now available to all customers and is no longer in closed beta.
- The following enhancements have been made to Composable Detections using the Config SDK, which is currently in closed beta and available to a select group of customers:
- Customers with the AWS IAM role setup for PAT can now upload detections in the Config SDK format.
- Unit testing for detections in the Config. SDK format now run via the panther_analysis_tool config test command.
- Extremely large numbers displayed in the Panther Console (such as on the Overview page) will now be abbreviated. For example, 3712378 will now display as “3.7M.”
- Panther’s CloudFormation deployment parameters have been updated.
Panther Developer Workflows
- panther-analysis has been updated to version 1.37, which includes the following changes:
- Updates to panther_iocs.
- Additional AWS detections.
- Read more about the new release here.
- Fixed a bug that caused an erroneous validation error to appear when using the Assigned User alerts filter.
- For customers in the Alert Management closed beta: fixed a bug that appeared when assigning an alert to a deleted user.
- Fixed a bug that was generating false system error alerts for the Atlassian log puller.
- Fixed a bug that would cause schema testing to time out, it now pauses after 15 minutes.
- Fixed a bug that caused log source configuration to fail when an S3 prefix contained a special character.
- Fixed a bug that prevented Pantherlog CLI from working with CloudWatch Logs samples.
- Fixed a bug that prevented metrics-api from correctly collecting metrics that have not been updated in over two weeks.