New and Noteworthy

• Updated the Panther Console UI with improved contextual information to help users understand where they are at a glance. The following changes have been made:

  • Moved breadcrumbs and documentation links to the upper-left corner.

  • Added top-level page descriptions.

Enhancements

• In the Panther Console, improved the loading and search performance of the Log Sources page by removing the alarm configuration status text. This information can still be found by opening a log source’s details page.

• SaaS log pullers (e.g., Slack) now make fewer API calls when fetching events, improving their efficiency.

• External URLs for Asana, Jira, and Slack Bot alert destinations can now be queried through the Panther API.

Panther Developer Workflows

• Updated panther-analysis to version 1.42.0, which includes the following changes:

  • Updated the annotations of two detections that detect MITRE ATT&CK® technique T1108.

  • Added AWS CloudTrail rules.

  • Read more about the new release here.

• Updated Panther Analysis Tool (PAT) to version 0.17.2, which includes the following changes:

  • Added the Amazon.EKS.Audit and Amazon.EKS.Authenticator log types.

  • Read more about the new release here.

Closed Betas

• For Slack Bot closed beta participants: Slack Bot support is now available to customers with the Enterprise Grid Slack plan.

  • If you would like to participate in this closed beta, please contact your Panther representative.

Bug Fixes

• Fixed a bug that failed to print nested error messages when a Panther Analysis Tool (PAT) upload failed.

• Fixed a bug that caused the breadcrumb of a draft of a custom schema to link to an error page. The breadcrumb now correctly links to the parent page.