v1.46

Jan 10, 2023

Features
Schema Changes
  • Custom schemas can now support multiple timestamp formats, including custom formats.

  • Added two new schemas for Lacework logs:

    • Lacework.AlertDetails

    • Lacework.CloudCompliance

  • The groupId field is no longer required and is now optional in the following schemas:

    • Snyk.GroupAudit

    • Snyk.OrgAudit

Enhancements
  • In the Panther Console, under Settings > General > Developer Workflow, added a new option to disallow enabling Detection Packs from the Console.

    • This helps prevent update conflicts between the Console and CI/CD for customers who use the Panther Analysis Tool (PAT). The option is off by default.

  • Added a new SQL macro, p_occurs_around, to facilitate querying around a certain time.

  • Added a link to the Scheduled Rule details page which opens that Scheduled Query in the Data Explorer.

  • Updated the UI of the Log Sources onboarding page to improve its usability, which includes separating the former AWS tile into 10 individual AWS services.

  • Panther’s CloudFormation deployment parameters have been updated.

Panther Developer Workflows
Open Betas
  • Panther SDK, a new way to create, manage, and reuse Python across your detections, is now available in open beta.

    • Unlike the typical detections workflow provided through panther-analysis, your content will be managed separately from Panther's. This allows you to stay up-to-date without running into future merge conflicts.

Bug Fixes
  • Fixed a bug that caused an excessive number of loading transitions on the Data Replay page.

  • Fixed a bug that caused the UI to display incorrectly on the Data Replay page.

  • Fixed a bug that caused the UI to display incorrectly on the Log Sources onboarding success page.