QUESTION

I use CI/CD processes to update the detections used in my Panther Console. Will using rule filters cause issues with how we create and edit rules within our developer workflows? For example, will my CI/CD processes erase the filters?

ANSWER

Yes, CI/CD processes will affect your rule filters. For example:

If you are uploading with PAT, we suggest setting the InlineFilters on your detection files. Please refer to Panther's documentation on modifying detections with inline filters for more information.