Outpost Security RBA Podcast
Securing the Frontiers of Enterprise by integrating technologies, applying tactics, and training teams. We deep dive Risk Based Alerting (RBA) and other defensive security topics so that CISOs, SOC managers and Security teams can rise above the cloud of alerts in your SIEM and gain new perspectives in the frontiers of enterprise security. Hosted by Outpost Security co-founders Will Robus and Stuart McIntosh, the co-author and architect of Risk Based Alerting.
Episodes
Thursday Sep 14, 2023
Resilience
We have a bone to pick with the current understanding of being resilient as it applies to enterprise security. “Resiliency” tries to encapsulate how well your organization can defend against unexpected attacks from anywhere at any time. Some want to point you at the latest tech to add to your stack or a list to check against. We have found other indicators that have more impact on your organization’s resiliency than any of those.
Join the RBA Community
Are you RBA Ready? Schedule an RBA Readiness Review to define where you’re at and next steps into RBA.
Web View of the Splunk published detection content: research.splunk.com
Will and Stuart co-founded Outpost Security so that security teams could implement RBA faster and gain new perspectives in securing the frontiers of enterprise.
Thursday Aug 31, 2023
Murphy’s Law of Combat
This episode is all about Murphy’s Law of Combat and how it pertains to DEFENSIVE cybersecurity. This episode is one of Stuart’s favorite topics and we had a lot of fun selecting a few of the laws to discuss and apply to the work we do. Settle into your seat and let’s secure the frontiers of ES.
Thursday Aug 17, 2023
Security Blueline (Q&A) with “Dr Stu” 2
Thursday Aug 03, 2023
Interview with Haylee Mills, Splunk Security Strategist
Hot off the heels of Splunk’s .conf 2023, we are joined by Haylee Mills, Security Strategist from Splunk and community-proclaimed “Queen of RBA”, to recap the event and the latest RBA conversations.
Thursday Jul 13, 2023
Eliminating Points of Failure with Zero-to-One
Successful implementation of Risk Based Alerting in Splunk can be very challenging. Implementing any SIEM is challenging, for that matter. We’ve seen a lot of teams struggle and distilled the problems we’ve observed into three key areas:
- Getting data normalized across all feeds
- Trying to build exhaustive detection programs before releasing them, or
- Grasping to get a full picture of an alert event in order to make informed decisions
In this episode we discuss why teams get stuck here and introduce our newly launched RBA Zero-to-One app for Splunk(TM) ES, designed specifically to overcome these problems, generate additional benefits to your team dynamics, and lay a foundation for tackling a broader range of issues specific to your environment.
Learn more about Outpost RBA Zero-to-One
Thursday Jun 29, 2023
Interview with CSO Jimi Mills of Texas Instruments
For their first interview of the podcast, Will and Stuart talk with Jimi Mills, the CSO of Texas Instruments. Jimi shares about a career in security, the ever-changing landscape, the value of collaborative culture, and how they all met over late-night security chats at Splunk .conf. This conversation provides a glimpse into the future for security leaders who have started their journey into the frontiers of RBA: the ups and downs, and the hope it can bring to your SOC.
Thursday Jun 15, 2023
Mature Actually
In this episode Will and Stuart discuss the term “Maturity” and how it has been used to shame your security operation. Instead of measuring maturity, how can we talk about ACTUAL capability, being honest with yourselves so you can meet the needs of your organization.
Thursday Jun 01, 2023
Security Blueline (Q&A) with “Dr Stu”
Welcome to the Outpost RBA Podcast; Securing the Frontiers of Enterprise. Will and Stuart host their first call-in-style show to answer listener questions:
- Prioritizing in Philly asks, “Does anyone have any tips for prioritization of content…?”
- Migration in Memphis asks, “We have 100+ traditional detections and would like to migrate them to RBA. How should we attack this…?”
- MITRE in Minneapolis asks, “Where should we look for sources of detections tagged to MITRE techniques in order to get 100% coverage?”
Send in your question or an audio recording of your question to the show to be answered on a future episode.