Outpost RBA App

outpost RBA App - Current Version

Outpost RBA for Splunk® Enterprise Security - Version: 4.7.0. (Splunkbase)

Splunk App Inspect Certification Date: 2022.03.21

Release Date: 2022.03.21

Previous Version: 4.5.0

Added Features:

Documentation Engine

Per risk rule documentation portal
Allows analysts to review context of a rule/detection
Allows auditors to review purpose and updates of rules/detections

Executive Overview

Updated overview towards leadership
Initial release leveraging Dashboard Studio

RBA Roles for users

Introduction of user roles into the application for different use cases
Base roles
- rba_admin - are able to do any work within the application
- rba_analyst - focused on the use of rba for triaging security threats
- rba_observer - focused on the observing how rba and associated work is transpiring

Bug Fixes:

Updated Incident Review Metrics
Lookups adjusted to better handle upgrades
Migrated to Enterprise Security version of MITRE ATT&CK data

Outpost RBA

Empowering your team to take back your cyber defense

Contact us about pricing and implementation