Using the Panther Python detections repo

PreviousCI/CD for Panther Content NextPublic fork

Last updated 1 year ago

Was this helpful?

Using the Panther Python detections repo

This page describes the methods you can use to leverage Panther-managed Python detections in the repository within your .

For general information and best practices for Panther detections, and for information on using web application-based workflows to manage your detections directly in the Panther Console, see the .

Currently, only Python Panther-managed detections are available for you to clone, modify, and upload. YAML Panther-managed detections are planned for a future release.

Methods for leveraging Panther-managed Python detections

There are two methods you can use to create a copy of Panther-managed Python detections from the panther-analysis repository:

- When you use a public fork, your detection content will be publicly visible.
- A public fork can be used to create Pull Requests to bring new detection content to the .
- If you want to keep your detection content private, we recommend using a private cloned repo. With a private cloned repo, the repository settings will control who has access to the content inside the repo.
- Note that in this configuration, you cannot use a Pull Request to bring changes upstream.

PreviousCI/CD for Panther Content NextPublic fork

Last updated 1 year ago

Was this helpful?