Securing the Frontiers of Enterprise by integrating technologies, applying tactics, and training teams. We deep dive Risk Based Alerting (RBA) and other defensive security topics so that CISOs, SOC managers and Security teams can rise above the cloud of alerts in your SIEM and gain new perspectives in the frontiers of enterprise security. Hosted by Outpost Security co-founders Will Robus and Stuart McIntosh, the co-author and architect of Risk Based Alerting.
- 27 - Outpost Turns 5!
Reflecting and riffing on 5 years of Outpost Security. We discuss some lessons learned, patterns detected, hopes projected, and more. There’s a little bit of something for everyone and we’re happy to be here making an ever-increasing impact on the security industry and RBA community. Show Notes Join the RBA Community Are you RBA Ready? Schedule an ES Assessment to define where you’re at and next steps into RBA. Web View of the Splunk published detection content: research.splunk.com Will and Stuart co-founded Outpost Security so that security teams could implement RBA faster and gain new perspectives in securing the frontiers of enterprise.
Sat, 28 Sep 2024 - 08min
- 26 - Driving Change With Effective POCs
Proofs of Concept (POCs) can often be viewed as a low-risk throwaway exercise to test a new strategy or system, but you never really know if the move is going to pay off long-term. So what if you’re looking to replace your entire SIEM or make a big shift in strategy? Beyond the significant investment of time and a huge amount of risk, how would you even design a POC to justify the shift? However, we’ve been able to run POCs with clients that have shown significant value before they spend the first dollar (as quickly as 2 weeks). We’re not only finding the cracks, but demonstrating the efficacy of their strategy down the road. Join us for this episode where we give you permission to expect more from your POCs and share what we are seeing work with our clients.
Fri, 16 Aug 2024 - 56min
- 25 - Excellence in IR
This episode we focus on the Security Analysts in the house! Leveling up security operations requires involving multiple teams at many different levels. But the analyst role is unique and we felt that it needed to be unpacked and given some time in the spotlight. We hope you enjoy the episode!
Thu, 01 Aug 2024 - 47min
- 24 - Getting Budget
In this episode we talk about pitching your idea or solution to leadership in order to find support and funding. THIS IS NO EASY TASK and can be intimidating. But it’s necessary if you want any influence over how your security program gets built out. Join us as we discuss how to be more successful in this part of the work.
Thu, 02 May 2024 - 1h 00min
- 23 - Flow State
Let's dive into the flow state! We spend a lot of time talking about the academic and technical side of cyber security and we needed a break. There's a method to how we've been able to build our apps and grow Outpost and we wanted to talk about that this episode. Maybe it will help you tackle the obstacles and projects in front of you. Enjoy the episode!
Thu, 18 Apr 2024 - 1h 08min
- 22 - Cybersecurity Actuarially
Join us to explore practical theories around the business of risk and how to prioritize where you can have the largest impact. When you are faced with multiple attack vectors, how do you triage the situation and decide where to start? We're going to talk through some case studies and form a plan of action. Enjoy the episode!
Thu, 28 Mar 2024 - 1h 01min
- 21 - Automatic Security
We share our grand vision for the future of Cyber Security - AUTOMATIC SECURITY! But don't get it confused with AUTOMATED security. Tune in to find out the distinction. It's a big vision and our conversation touches on a lot of areas of cyber security. Enjoy the episode!
Thu, 14 Mar 2024 - 59min
- 20 - Security Dichotomies
We're riffing off a talk Stuart gave with Jason Lang about the elements within Cyber Security that sit in tension with each other in order to make the whole better. And if you don't know when and where they exist, they can become tar pits that cause us to get stuck. Enjoy the episode!
Thu, 29 Feb 2024 - 1h 00min
- 19 - The Power of Small Teams
We are all concerned about being under-resourced, not having enough people, having too much to do and not enough bandwidth. But we want to look on the bright side in 2024! So listen and let us dispel the idea that bigger is always better. Let’s celebrate the Power of Small Teams!!
Thu, 15 Feb 2024 - 43min
- 18 - Blocking and Tackling
What are some key fundamentals that have risen to the top as best practices, creating high output from an effectiveness and value perspective? Join us in our discussion as we work through our punch list and share our own experiences.
Thu, 01 Feb 2024 - 54min
- 17 - New Year, Same Challenges
2024 will present many of the same challenges that we saw in 2023, 2022, and so on. There will definitely be some new conversations to discuss and debate, like whether AI will be our greatest weapon or our greatest threat. But we try and keep this conversation focused on the big picture (rather than potential distractions) to secure the frontiers of enterprise. Are you RBA Ready? Schedule an RBA Readiness Review to define where you’re at and next steps into RBA.
Thu, 18 Jan 2024 - 54min
- 16 - [Part 2] Building Process in Cyber Security
This episode concludes our discussion on one of our favorite and trusted frameworks from the book Switch: How to Change Things When Change Is Hard by Chip and Dan Heath. We don’t usually split up topics into two episodes but we thought we’d try it and hope that this wrap up is satisfying and useful for you in your security practice.
Thu, 04 Jan 2024 - 39min
- 15 - [Part 1] Building Process in Cybersecurity
We wanted to explore a tactical approach to execution in cybersecurity using one of our favorite and trusted frameworks from the book Switch: How to Change Things When Change Is Hard by Chip and Dan Heath. It’s been influential in how we’ve developed our best practices based on first principles. We hope you enjoy the discussion and can take away something of value that you can apply in your security work.
Thu, 07 Dec 2023 - 53min
- 14 - Aligning Competing Priorities
Not only do some security teams have diverging priorities, oftentimes we find that analysts and engineers have goals that are opposed and in conflict with one another. How can your SOC move forward when your teams are moving in completely different directions? In this episode we are going to talk about how your team can find common ground and identify unifying objectives.
Wed, 22 Nov 2023 - 53min
- 13 - I Didn’t Know Splunk Could Do That
This statement follows us wherever we go, whether it’s during an assessment or an implementation. Seasoned security professionals and Splunk users are surprised at some of the features available in Splunk ES. In this episode we are sharing some of these elusive capabilities with you so that you can get the most out of this best-in-class SIEM.
Thu, 09 Nov 2023 - 47min
- 12 - Gratitude
Stuart wanted to take a bit of time talking about Gratitude, finding the unique aspects of this work that help us, as security professionals, stay in the grind, stay in the fight and keep chasing better solutions and outcomes. And Will, newer (4 years) to the security battle, shares his perspective having chosen this path after years in other parts of tech. We hope this episode energizes you to stay strong and curious about enterprise security.
Thu, 28 Sep 2023 - 51min
- 11 - Resilience
We have a bone to pick with the current understanding of being Resilient as it applies to enterprise security. “Resiliency” tries to encapsulate how well your organization can defend against unexpected attacks from anywhere at any time. Some want to point you at the latest tech to add to your stack or list to check against. We have found other indicators that have more impact on your organization’s resiliency than any of those.
Thu, 14 Sep 2023 - 51min
- 10 - Murphy’s Law of Combat
This episode is all about Murphy’s Law of Combat and how it pertains to DEFENSIVE cybersecurity. This episode is one of Stuart’s favorite topics and we had a lot of fun selecting a few of the laws to discuss and apply to the work we do. Settle into your seat and let’s secure the frontiers of ES.
Thu, 31 Aug 2023 - 48min
- 9 - Security Blueline (Q&A) with “Dr Stu” 2
Thu, 17 Aug 2023 - 46min
- 8 - Interview with Haylee Mills, Splunk Security Strategist
Hot off the heels of Splunk’s .Conf 2023 we are joined by Haylee Mills, Security Strategist from Splunk and community-proclaimed “Queen of RBA”, to recap the event and the latest RBA conversations.
Thu, 03 Aug 2023 - 47min
- 7 - Eliminating Points of Failure with Zero-to-One
Successful implementation of Risk Based Alerting in Splunk can be very challenging. Implementing any SIEM is challenging for that matter. We’ve seen a lot of teams struggle and distilled the problems we’ve observed into three key areas: getting data normalized across all feeds; trying to build exhaustive detection programs before releasing them; or grasping to get a full picture of an alert event in order to make informed decisions. In this episode we discuss why teams get stuck here and introduce our newly launched RBA Zero-to-One app for Splunk(TM) ES, designed specifically to overcome these problems, generate additional benefits to your team dynamics, and lay a foundation for tackling a broader range of issues specific to your environment. Learn more about Outpost RBA Zero-to-One.
Thu, 13 Jul 2023 - 1h 03min
- 6 - Interview with CSO Jimi Mills of Texas Instruments
For their first interview of the podcast, Will and Stuart talk with Jimi Mills, the CSO of Texas Instruments. Jimi shares about a career in security, the ever-changing landscape, the value of collaborative culture, and how they all met over late night security chats at Splunk .conf. This conversation provides a glimpse into the future for security leaders who have started their journey into the frontiers of RBA: the ups and downs and the hope it can bring to your SOC.
Thu, 29 Jun 2023 - 1h 02min
- 5 - Mature Actually
In this episode Will and Stuart discuss the term “Maturity” and how it has been used to shame your security operation. Instead of measuring maturity, how can we talk about ACTUAL capability, being honest with yourselves so you can meet the needs of your organization?
Thu, 15 Jun 2023 - 40min
- 4 - Security Blueline (Q&A) with “Dr Stu”
Welcome to the Outpost RBA Podcast; Securing the Frontiers of Enterprise. Will and Stuart host their first Call-in-style show to answer listener questions: Prioritizing in Philly asks, “Does anyone have any tips for prioritization of content…?” Migration in Memphis asks, “We have 100+ traditional detections and would like to migrate them to RBA. How should we attack this…?” MITRE in Minneapolis asks, “Where should we look for sources of detections tagged to MITRE techniques in order to get 100% coverage?” Send in your question or an audio recording of your question to the show to be answered on a future episode.
Thu, 01 Jun 2023 - 51min
- 3 - Security Symphony
Will introduces the metaphor of SYMPHONY to talk about moving from the dissonant noise of your SIEM into a resonant, ordered, performance of security.
Sat, 29 Apr 2023 - 32min
- 2 - Why is RBA Revolutionary
In this episode we clear up some common misconceptions security teams have about RBA and equip you to start championing it in your organization.
Sat, 29 Apr 2023 - 39min
- 1 - What does “Securing the Frontiers of Enterprise” mean?
In this first episode we talk about the Origins of RBA; How Stuart McIntosh and his team defined the solution they wanted for their SOC and in the end built it themselves - thus RBA was born. Stuart and Will also tell stories about their experiences implementing RBA; Employees using date fields to store credit cards, the compounding of tech debt, process debt, data debt, and more!
Fri, 28 Apr 2023 - 40min