Releases: panther-labs/panther-analysis

v1.33.1

15 Aug 20:19
70294f9
  • Slack and Cloudflare detections are now available in packs
  • Added alert context to AWS detections that did not previously have it
  • Modified the Cloudflare L7 DDoS detection to not alert on blocked events
  • Removed managed schemas

v1.33.0

04 Aug 01:44
d071b43
  • New Slack detections and data models
  • Added workaround for Identity Providers AWS Console Login without MFA
  • Added exclusion for Panther IAM roles in the AWS S3 Activity - Greynoise detection
  • New detection for AWS IAM Role - External Permission
  • Fixed GSuite summary attributes
  • Improved alert titles for GSuite Rule Triggers
  • Added template for CIDR lookup

v1.32.0

01 Jul 22:46
5b6ab8b
  • Added new Cloudflare detections
  • Added Confluence 0-Day IOCs
  • Removed workaround for global helper importing order
  • Updated Greynoise reference links
  • Updated MITRE ATT&CK mappings to align with the MITRE heatmap feature

v1.31.0

11 May 15:25
2c744ea
  • Add Panther Audit Log Detections
  • Update AWS Pack with missing Helper
  • Add GCP Helpers
  • GreyNoise Enhancements

v1.30.0

02 May 17:08
eb4af5c
  • Map all prebuilt detections to MITRE ATT&CK
  • Update to use Python 3.9
  • Various bug fixes

v1.29.1

08 Apr 20:00
36891f9
  • Add missing helper to Greynoise pack def

v1.29.0

04 Apr 19:38
32f8152
  • Add Support for Packs
  • Add GreyNoise Integration for Panther 1.32

v1.28.1

28 Mar 21:02
bda3f05
  • Various bugfixes for new Okta detections
  • Okta queries now disabled by default to prevent issues with instances containing no Okta logs

v1.28.0

23 Mar 19:58
9474ba9
  • Rule Tuning and Bug Fixes
  • Helper function for upcoming threat intel features
  • Large update to Okta detections
  • Addition of Okta investigative queries

v1.27.1

03 Mar 03:21
ebfb938
  • BUGFIX: Add missing data models to standard detections pack