New and Noteworthy

• View and clone Panther-managed schemas in the UI for simpler schema management

• Pivot from IP addresses, ARNs, and other indicators in alerts to investigate hits across data sources

Features

• Data that fails to normalize due to a parsing error is now searchable in the data lake

• Mock external API calls when unit testing detections to build effective detections (docs)

Enhancements

• Scheduled queries and saved queries are now supported in Detection Packs

• A table with "flat" GSuite data is created to more easily query and write detections against GSuite logs

• CrowdStrike event tables are available to more easily query and write detections against CrowdStrike logs

• Snowflake configuration steps have been updated for self-hosted customers upgrading to 1.18

Bug Fixes

• Password reset flow is broken: this fixes a blank screen that appears after resetting a password

• UI loses query ID: this fixes the query ID being dropped when toggling between Query History to Data Explorer