v1.45

Oct 18, 2022

New and Noteworthy

GCP Pub/Sub is now available as a data transport for ingesting custom data into Panther.
- This feature is currently in open beta and is available to all customers.

Added the ability to quickly enable relevant Panther Detection Packs for a log source during the log source setup process.
Added a new Panther-managed Lookup Table for Tor exit nodes.

Panther’s Microsoft Graph log puller is now available to all customers and is no longer in closed beta.

The following enhancements have been made to Composable Detections using the Config SDK, which is currently in closed beta and available to a select group of customers:
- Customers with the AWS IAM role setup for PAT can now upload detections in the Config SDK format.
- Unit testing for detections in the Config. SDK format now run via the panther_analysis_tool config test command.
Extremely large numbers displayed in the Panther Console (such as on the Overview page) will now be abbreviated. For example, 3712378 will now display as “3.7M.”
Panther’s CloudFormation deployment parameters have been updated.

panther-analysis has been updated to version 1.37, which includes the following changes:
- Updates to panther_iocs.
- Additional AWS detections.
- Read more about the new release here.

Fixed a bug that caused an erroneous validation error to appear when using the Assigned User alerts filter.
For customers in the Alert Management closed beta: fixed a bug that appeared when assigning an alert to a deleted user.
Fixed a bug that was generating false system error alerts for the Atlassian log puller.
Fixed a bug that would cause schema testing to time out, it now pauses after 15 minutes.
Fixed a bug that caused log source configuration to fail when an S3 prefix contained a special character.
Fixed a bug that prevented Pantherlog CLI from working with CloudWatch Logs samples.
Fixed a bug that prevented metrics-api from correctly collecting metrics that have not been updated in over two weeks.