Jul 27, 2023

In Open Beta

Features in open beta are available to all customers. To share any bug reports or feature requests, please contact your Panther representative.

  • Onboard auditd logs with our new log source integration.
  • Use the new mask transformation to conceal sensitive information within your logs.
    • Redact or obfuscate (using MD5, SHA-1, SHA-256, or SHA-512 hashes) data in the masked fields.
    • Note: Masking a field means you cannot later use Panther’s search tools to query for its original value.
  • You can now select databases and tables when using Indicator Search in the Panther Console. This can dramatically speed up searches when using parameters to narrow a search query.


  • In the Panther Console, added a download button to the edit detection page, which allows you to download a YAML file for that detection.
  • In the Panther Console, in the Alerts Details page, replaced the “View with Data Explorer” button with a “Search Events” button, which now opens the Query Builder with information prefilled from the alert.
    • This change only applies to users with a Snowflake backend and to alerts that have events from exactly one log type.
  • You can now create roles in the Panther Console that have no permissions.
  • The automatic field discovery feature, introduced in Panther version 1.75 in closed beta, has been renamed to field discovery.

Panther Developer Workflows

  • Version 0.24.3 of panther_analysis_tool has been released, featuring the following updates:
    • Added auditd, Azure, and Windows Event Logs schemas.
    • Various improvements.
  • Version 3.12.0 of panther-analysis has been released, featuring the following update:
    • Added support for the Azure.SignIn log type.

Bug Fixes

  • Resolved an issue where field discovery failed to work with the rename transformation.
  • Fixed a bug that caused field discovery to break when discovering a field with a reserved name.

Previous Releases

v1.75 Jul 20, 2023
Onboard Heroku and Windows event logs with our new log source integrations.
v1.74 Jul 13, 2023
Test out Panther’s streamlined detection editor in the Panther Console. Changes include a consolidated view and edit pane, a “Set Alert Fields” section for alert settings, and other enhancements.
v1.73 Jun 29, 2023
Now generally available: Use HTTP log ingestion to send log events and alerts directly to Panther with webhooks.