Is there an advantage to using filters instead of code in Panther detections?
Are there any performance advantages or processing time savings when using Filters to modify detection logic instead of Python?
Sometimes. Panther runs Filters before the core detection logic, so filtering out some events early can make a difference. The difference will only be significant, however, when the detection is large, with a lot of logic and/or a lot of events to process. When a detection's Filters match the logic of the detection's Python code, you probably won't notice any improvement.