Skip to content

v1.6.0: Additional gsuite rules (#78)
Compare
Choose a tag to compare
@nhakmiller nhakmiller released this 04 Aug 19:51
v1.6.0
074e23b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

With this release of panther-analysis (in tandem with Panther v1.6.0) we're excited to announce the open sourcing of our enterprise policies and rules!

These detections apply to a range of security topics such as PCI compliance, identity and access management, operations, and more. Where relevant, we’ve also mapped to the MITRE ATT&CK framework.

Here’s why we decided to open source ALL of our detections:

  • Community empowerment. We want all our users, open source and enterprise, to obtain value from Panther. By providing a wider array of policies and rules our users will not only detect more security issues, but also have more examples from which to craft their own custom detections.
  • Simplification of updates. Previously, managing the open and closed source detection packs added ongoing management and update overhead for our enterprise customers. By moving everything into one repo, we've majorly simplified this process. Now, you just fork this repo and you're good to go!
  • Code consolidation. With the introduction of the global analysis type, we often found ourselves needing to duplicate helper logic between the open source and enterprise repos. This change introduces more shared patterns for teams to utilize!

We look forward to your feedback on these new open source detections, so as always feel free to open issues and merge requests on this repo whenever you find room for improvement!

Assets 5
Loading