outpost RBA App - v4.0.0
Version: 4.0.0
Splunk® App Inspect Certification Date:
Release Date: 2020.04
Previous Version: 3.x.x
Added Features:
Risk Rule Enhancements
Risk Incident Rule Enhancements
Dashboard Enhancements
Health Review
Risk Object Detail - Risk Messages & Test Modes
Alert Modeling Dashboard
Watchlist Editor
Automatic Versioning
Risk rules
Risk incident rules
Macros
Dashboards
Risk Suppression Versioning
Download, update, upload for quarterly reviewing
Alerts
Bug Fixes:
Risk rule - misconfig - not spotting risk_object_type correctly
Risk rule - misconfig - not spotting event_index without double quotes and * correctly
Risk rule - misconfig - drilldown row to correlation search
Risk rule - config - drill down to changelog - risk rule
Macro versioning - validation and errormsg seem to get dropped from being null
Outpost RBA
Empowering your team to take back your cyber defense