v1.88
Nov 6, 2023
Note and Noteworthy
- Added support for GCP, Google Workspace, Azure, and Microsoft 365 audit logs to the Panther Core Fields (UDM).
- panther-analysis versions 3.20.0 and 3.21.0 were released, featuring new detections for Tines and Okta and various improvements and fixes.
- Added the following fields to the GitHub.Audit schema:
  - token_scopes
  - after
  - before
  - pull_request_url
  - pull_request_title
  - pull_request_id
  - reasons
  - overridden_codes
  - authorized_actors
  - authorized_actor_names
  - actions_cache_id
  - actions_cache_key
  - actions_cache_scope
  - actions_cache_version
  - alert_number
  - allow_deletions_enforcement_level
  - allow_force_pushes_enforcement_level
  - enforcement_level
  - ghsa_id
  - lock_allows_fetch_and_merge
  - lock_branch_enforcement_level
  - required_deployments_enforcement_level
  - required_review_thread_resolution_enforcement_level
  - merge_method
  - merge_queue_enforcement_level
  - new_repo_base_role
  - new_repo_permission
  - oauth_application
  - oauth_application_id
  - old_permission
  - old_permissions
  - old_repo_base_role
  - old_repo_permission
  - role_permissions
  - ruleset_bypass_actors
  - ruleset_bypass_actors_added
  - ruleset_bypass_actors_deleted
  - ruleset_bypass_actors_updated
  - ruleset_conditions
  - ruleset_conditions_added
  - ruleset_conditions_deleted
  - ruleset_conditions_updated
  - ruleset_enforcement
  - ruleset_id
  - ruleset_name
  - ruleset_old_enforcement
  - ruleset_old_name
  - ruleset_rules
  - ruleset_rules_updated
  - ruleset_source_type
  - source_version
  - strict_required_status_checks_policy
  - target_version
  - check_run_id