[Bro] Bro News #7

Wed Sep 21 14:58:33 PDT 2016

Bro News #7
Welcome to the Bro newsletter #7. This time we cover the following topics:

Bro Events.

Bro Commits: Bro v2.5 beta is here. Get your newest Bro with new
features and improvements.

Bro Internals: Give Bro a future, join the Future Fund.

Bro Events

BroCon 2016
BroCon 2016 was hosted by TACC in Austin, Texas. About 20 hours of talks
within two and a half days, we had talks from Bro team members about the
newest developments, low level practical talks to improve every day work
life, and also high level research talks. The new SMB analyzer seems to
have had the most impact on the user community. You can read all about here.
We hear you: Our post-conference attendee survey had over 90% who liked
the topics, and over 95% that they liked the way those topics were
presented. Overall, we appreciate all of the feedback that we received,
and while we were blown away by the overwhelmingly positive response,
perhaps even more important to us are the opportunities for making
BroCon even better. We'll keep all of the feedback in mind as we start
the process of preparing for BroCon 2017. We had a few comments
regarding the lack of talks discussing incident response. If those types
of talks interest you, please consider attending Bro4Pros 2017, as that
event tends to have more talks about "life in the trenches."

NSF Cybersecurity Summit 2016
Bro held a one day workshop at the NSF Cybersecurity Summit 2016.

Bro Commits: Bro 2.5 beta is here!

Bro 2.5 beta has been released. Here is a brief summary of some of the
new features and improvements:

Bro now includes the NetControl framework. This framework allows easy
interaction with hard- and software switches, firewalls, etc.
Support for the SMB protocol (SMB1 and SMB2), including GSSAPI and NTLM.
Support for the remote framebuffer protocol (RFB), that is used by VNC
servers for remote graphical display.
The Intelligence framework was refactored and extended. It now supports,
for example subnet indicators and item deletion/expiration.
Binary packages of the beta are also available. See NEWS for preliminary
release notes and CHANGES for the exhaustive commit list. Feedback is
encouraged and should be sent to the Bro mailing list. As previously
stated, we do not recommend using a beta release for production use.

Bro Internals: Give Bro a future, join the Future Fund.

Bro's future depends on all of you. The Bro community is a wonderful mix
of different personalities and skill sets. Many of them will answer all
Bro related questions in our IRC channel #bro on Freenode, and for a
while now also in our Bro channel on Gitter. Others contribute to the
development of Bro. We want to thank everyone who contributes to Bro in
any way. We also would like to send out a call to join the Bro Future
Fund, so we can continue all the work that cannot be done by volunteers
only. If you appreciate Bro in your daily work and think your company or
organization truly benefits from it consider a donation to help us keep
up the work.
In that spirit, Corelight (formerly known as Broala) announced a
donation of $100,000 at BroCon 2016. Thank you Corelight!

- The Bro Team