v1.53

Feb 7, 2023

New and Noteworthy

Improved the Overview Dashboard in the Panther Console. The new design gives you actionable insights directly from the Overview to enable your team to jump into the right workflow, like triaging alerts, engaging with alerting trends, and identifying detections to refine.
- Please share any feedback you have about the new design by clicking on the “Send Feedback” button at the top of the page in the Panther Console.
Added auto-complete and error remediation suggestions to the schema editor, simplifying schema creation and management.
Added JSON stream type support for S3 and GCS custom log sources. This includes multiple JSON log formats: new-line delimited, without a delimiter, and multi-line JSON events.

Schema Changes

Updated the AWS.S3ServerAccess schema to support accesspointarn and aclrequired fields. These fields were added per the changes announced by Amazon.

Enhancements

p_event_time will no longer be shown in the Filter section of the Query Builder.
- The existing higher-level time filter uses p_event_time when constructing queries.

Panther Developer Workflows

Version 1.54.0 of panther-analysis has been released.
- Added detections and rules for the unified Crowdstrike.FDREvent schema released in Panther version 1.52.
- Added detections for Zoom and Asana.
- Additional changes are included in the release notes on GitHub.

Bug Fixes

Updated error messaging for Data Replay when historical data is not available and event data from the past 24 hours may not be available.

Previous Releases

View All

v1.52 Jan 31, 2023

Expanded editing capabilities for custom schemas in the Panther Console. You can now rename and delete fields, as well as edit a field’s type property.

v1.51 Jan 24, 2023

Quickly construct queries to search your data lake with the new Query Builder in the Panther Console.

v1.50 Jan 10, 2023

Pull AWS Transit Gateway Flow logs with Panther’s new AWS Transit Gateway Flow log puller.