Panther Analysis v3.31 has been released, so the CI/CD users should update to this new version at their earliest convenience. For the users using the Panther Console, please navigate to Build -> Packs in your Panther Console and upgrade your Packs to v3.31.
If a CI/CD user continues to experience problems uploading the current version of panther-analysis, deleting the following rule should resolve any errors: netskope_admin_user_change.yml. This rule has already been removed in panther-analysis, but it might still exist depending on how customers merged changes from upstream.
If you need additional assistance or encounter any issues, please contact Panther Support directly.
Posted Dec 19, 2023 - 03:19 PST
Monitoring
A new version of Panther Analysis(v3.31), which includes a fix for the issue with detection packs, will be available within the next 24 hours. Once released, customers can update to that new version at their convenience.
CI/CD users may continue to experience problems uploading the current version of panther-analysis, in which case deleting the following rule should resolve any errors: netskope_admin_user_change.yml. This was already removed in panther-analysis, but may have remained depending on how customers merged from upstream.
We will continue to monitor the problem as v3.31 is released. In the meantime, if you experience any trouble, please get in touch with Panther Support directly.
Posted Dec 14, 2023 - 13:12 PST
Identified
A fix has been identified for a new version (3.31), and customers who are comfortable waiting can hold for that availability. Otherwise, downgrading to version 3.27 can solve this issue for customers who need a resolution more immediately. Console users will need to do this on a per-pack basis, and PAT users can revert to a commit on 3.27 (or earlier) and reupload their detections.
Console users should not update packs at this time, and PAT users should avoid using Panther Analysis 3.28, 3.29, or 3.30.
We will update this incident when more information is available.
Posted Dec 14, 2023 - 09:39 PST
Investigating
Panther has identified an issue with detection packs, which can prevent customers from running tests properly or uploading detections. Customers may also see intermittent errors related to missing modules.
This issue impacts any customer who has updated packs to the latest pack version. For any customers who have not yet updated, we recommend waiting to do so until this issue is resolved. The currently impacted versions are 3.30, 3.29, and 3.28.
We will update this incident as our investigation and remediation process continues.
Posted Dec 14, 2023 - 09:09 PST
This incident affected: Detections (Rules and Policies).