New and Noteworthy

• You can now rotate your Panther API token via the Panther Console or the Panther API, enabling you to more easily enhance your security practices.

  • Rotating your token regularly can help protect it from being compromised.

  • Once rotated, the previous token is no longer valid.

Schema Changes

• Added SAML SSO fields to GitHub.Audit to support a GitHub private beta which augments existing audit log events with the SAML identity associated with the organization.

• Updated Amazon.EKS.Audit to ensure nested fields capture all event types.

Enhancements

• Made the following enhancements to rule filters:

  • You can now use a comma as a delimiter when entering a string value. This allows you to add a single string that includes a comma or enter several values delimited by a comma.

  • Added suggested search to the operator field in addition to the dropdown menu.

• When viewing an S3 bucket's raw data in the Panther Console as you onboard a custom log source and configure a schema, you can now click to view JSON in the Raw Events section.

Bug Fixes

• Fixed a bug where schema testing from sample data did not produce the same output for timestamp fields when compared to the log processor.