v1.28.1

• Various bugfixes for new Okta detections
• Okta queries now disabled by default to prevent issues with instances containing no Okta logs

v1.28.0

• Rule Tuning and Bug Fixes
• Helper function for upcoming threat intel features
• Large update to Okta detections
• Addition of Okta investigative queries

v1.27.1

• BUGFIX: Add missing data models to standard detections pack

v1.27.0

• Adds Asana Detections and Data Model
• Adds 1Password Detections and Data Model
• Adds Atlassian Detections and Data Model
• Deprecate Log4J IP based Detection
• Bug Fixes

v1.26.0

• Add Zoom Data Model
• Created Detections for Log4j CVE
• Bug Fixes

Customers who only wish to get the updates related to the Log4j CVE should download only panther-log4j-iocs.zip

v1.25.0

• Update Account Age Helper #293
• Log new AWS Account creation (non-user account) #342
• Misc Bugfixes

v1.22.2: update the pack definition (#341)

• Improvements to cloudtrail rules (#293)
• Improvements to account age helper (#339)
• Misc bugfixes (#340, #341)

v1.22.1: Alert on Implicit Denies and No Secure Transport (#334)

• Bugfix missing helpers in standard ruleset pack
• Update Snowflake Pack Queries to use p_occurs_since macro
• Update AWS S3 Secure Transport policy to alert on implicit denies

v1.22.0: fix logtype name (#335)

A new release of panther-analysis to match the latest release of panther-enterprise.

• Zendesk.Audit Detections! (#282)
• New and improved rules (#331, #318, #315,
• Migrate several detections from GSuite.Reports to GSuite.ActivityEvent (#316, #319, #326, #327)
• Migrate to pipenv (#330)
• Bug fixes (#335)

v1.21.0

• new github detections! (#289)
• new scheduled rules and queries for monitoring snowflake! (#257)
• new geolocation helper (#275)
• add mocks to detections with external api calls (#272, #287)
• misc bug fixes and improvements (#271, #273, #276, #291, #299, #304)