Panther acquires Datable to power the next generation of AI-driven security. Learn More
close
Panther acquires Datable to power the next generation of AI-driven security. Learn More
close
Panther acquires Datable to power the next generation of AI-driven security. Learn More
close
v1.62
Feb 6, 2025
Quickly construct, save, tag, and edit queries to search your data lake with the Query Builder in the Panther Console.
Now Generally Available
Quickly construct, save, tag, and edit queries to search your data lake with the Query Builder in the Panther Console.
Use the Query Builder, catered to users without extensive SQL knowledge, to easily search your security data.
Query Builder is an effective alternative to using Data Explorer to perform common searches.
Expanded editing capabilities for custom schemas and added the ability to archive unused schemas in the Panther Console. Use the archive feature to reduce schema clutter and prevent unintentionally selecting unused schemas.
Onboard SentinelOne Cloud Funnel 2.0 logs with the SentinelOne log puller. Use this integration to monitor XDR and EDR data.
In Open Beta
Added support for GitHub Enterprise Cloud audit log streaming.
Onboard Bitwarden logs with the Bitwarden log puller. Use this integration to monitor events that occur in Bitwarden Teams or Enterprise organizations.
Onboard SentinelOne API activity logs with the SentinelOne log puller. Use this integration to monitor SentinelOne activities.
Schema Changes
A new indicator field,
p_any_actor_ids, is now available for all schemas. It provides a Panther-managed field containing actor identifiers.
Enhancements
In the Panther Console, the following enhancements have been made to Alert Details:
Custom enrichment is now aligned vertically for better readability.
Improved the handling of nested enrichment data.
Bulk and individual downloads now wrap name and ID YAML fields in double quotes to better accommodate special characters in those fields.
panther-analysis YAML files have been updated to match this new format.
The schema inference process now infers emails and MD5, SHA-1, and SHA-256 hashes.
Panther Developer Workflows
Version 0.20.0 of panther_analysis_tool has been released, featuring the following updates:
Added a test to validate whether table names in queries match the pattern
<string>.public.<string>orsnowflake.account_usage.<string>. This validation can be disabled by supplying the--ignore-table-namesargument.Added a warning message that alerts when the running version of PAT is out of date and an update is available.
Bug Fixes
Added validations for fields stored in
p_any_domainsto avoid storing”.”values.Fixed a bug that caused the
s3snstool to block indefinitely in case of an error.Resolved various issues with Data Replay on the Edit Detections page.
v1.62
Feb 6, 2025
Quickly construct, save, tag, and edit queries to search your data lake with the Query Builder in the Panther Console.
Now Generally Available
Quickly construct, save, tag, and edit queries to search your data lake with the Query Builder in the Panther Console.
Use the Query Builder, catered to users without extensive SQL knowledge, to easily search your security data.
Query Builder is an effective alternative to using Data Explorer to perform common searches.
Expanded editing capabilities for custom schemas and added the ability to archive unused schemas in the Panther Console. Use the archive feature to reduce schema clutter and prevent unintentionally selecting unused schemas.
Onboard SentinelOne Cloud Funnel 2.0 logs with the SentinelOne log puller. Use this integration to monitor XDR and EDR data.
In Open Beta
Added support for GitHub Enterprise Cloud audit log streaming.
Onboard Bitwarden logs with the Bitwarden log puller. Use this integration to monitor events that occur in Bitwarden Teams or Enterprise organizations.
Onboard SentinelOne API activity logs with the SentinelOne log puller. Use this integration to monitor SentinelOne activities.
Schema Changes
A new indicator field,
p_any_actor_ids, is now available for all schemas. It provides a Panther-managed field containing actor identifiers.
Enhancements
In the Panther Console, the following enhancements have been made to Alert Details:
Custom enrichment is now aligned vertically for better readability.
Improved the handling of nested enrichment data.
Bulk and individual downloads now wrap name and ID YAML fields in double quotes to better accommodate special characters in those fields.
panther-analysis YAML files have been updated to match this new format.
The schema inference process now infers emails and MD5, SHA-1, and SHA-256 hashes.
Panther Developer Workflows
Version 0.20.0 of panther_analysis_tool has been released, featuring the following updates:
Added a test to validate whether table names in queries match the pattern
<string>.public.<string>orsnowflake.account_usage.<string>. This validation can be disabled by supplying the--ignore-table-namesargument.Added a warning message that alerts when the running version of PAT is out of date and an update is available.
Bug Fixes
Added validations for fields stored in
p_any_domainsto avoid storing”.”values.Fixed a bug that caused the
s3snstool to block indefinitely in case of an error.Resolved various issues with Data Replay on the Edit Detections page.
Ready for less noise
and more control?
See Panther in action. Book a demo today.
Get product updates, webinars, and news
By submitting this form, you acknowledge and agree that Panther will process your personal information in accordance with the Privacy Policy.
Get product updates, webinars, and news
By submitting this form, you acknowledge and agree that Panther will process your personal information in accordance with the Privacy Policy.
Product
Resources
Support
Company
Get product updates, webinars, and news
By submitting this form, you acknowledge and agree that Panther will process your personal information in accordance with the Privacy Policy.