Oct 26, 2023
New and Noteworthy
- Added 7 new Okta detections based on recent high profile attacks by threat actors. The new detections are available in the Panther Console and the panther-analysis GitHub repository.
- If you use CI/CD to manage your Panther content, please note that the default branch names for panther-analysis and panther_analysis_tool are now main instead of master.
In open beta and available to all customers:
- Quickly create and modify custom detections by using the Simple Detection builder in the Panther Console.
- The builder lets you manage detections without writing code, but retains the benefits of detections-as-code, including expressiveness, testability, CI/CD integration, and reusability. Watch this video to learn more about the Simple Detection builder.
- Simple Detections includes an overhaul of the Detection Filters feature to align with our low-code detection building workflow.
- Onboard AWS Security Hub data with our new log source integration.
- Added a schema for Jamf Compliance Reporter for use with our built-in Jamf Pro log source integration.
Now Generally Available
- Easily ingest Notion logs with our new built-in log source integration.
- We’ve also released several new Notion detections. You can find them in the Panther Console in the detections list or Notion detection pack, or in the panther-analysis GitHub repo.
- Use our unified Search experience to search across all of your data—including log events, rule matches, and more—without writing SQL.
- Updated the Tailscale.Network schema to support IPv6.