#NetworkSecurityMonitoring

2025-12-18
2025-11-04
2025-09-24

#Malcolm (malcolm.fyi) v25.09 features 🧠 threat intel improvements, new ⚙️ config options, 🆙 component updates, 🐛 fixes, more! Details @ github.com/idaholab/Malcolm/releases. Malcolm is a powerful tool suite for NSM 🕵🏻‍♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring

Malcolm

2025-09-24
2025-08-12

Building a network traffic analysis system: Deploying Malcolm on Amazon EC2

This is the first of two blog posts on the AWS Public Sector Blog about deploying Malcolm on Amazon AWS. It covers installing Malcolm on a single EC2 instance. The next post will cover deploying Malcolm on EKS.

For those of you more interested in scaling Malcolm using Kubernetes, you can check out our "still-in-beta" Helm chart and share your feedback in the issue tracker on that repo.

#AWS #EC2 #Malcolm #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov

2025-07-30
2025-06-30

Hey, y'all, if you have anything to do with the Zeek network security monitor (as a user, script/plugin developer, researcher, whatever), would you please take 10 minutes to fill out the Zeek Project Survey 2025. This is your chance to help the Zeek team know how you feel about the project and help shape its direction moving forward.

#Zeek #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #CyberSecurity #Cyber #Infosec

2025-06-23
2025-05-12

Here’s another reason why you need a balanced approach to detection and response, including #networksecuritymonitoring, and cannot simply rely on the integrity of the endpoint. techspot.com/news/107883-ranso

2025-05-06
2025-03-28
2025-03-19

#Malcolm (malcolm.fyi) v25.03.0 brings 🔐 auth via #Keycloak and with it #SSO, identity providers, and more! See the release notes github.com/cisagov/Malc... for more info! Malcolm is a powerful tool suite for NSM. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring

The Malcolm landing page with Keycloak authentication enabled.
2025-03-19
2025-03-18

#DHS #CISA is big on the building community aspect of #Malcolm right now, so as part of that we'll be having our first "Malcolm Office Hours" this Thursday. The plan is to have this monthly, every third Thursday, at 12pm Eastern time for 30 minutes. Details for the office hours can be found here. We'll be figuring out what works with this as we go and adjusting the format as needed. We hope to see any of you who might be interested there!

Malcolm is a powerful, easily deployable network traffic analysis tool suite for network security monitoring.

#HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL #CISAgov

2025-02-27
2025-01-17
2024-12-19

Malcolm (malcolm.fyi) v24.12.0 is out (github.com/cisagov/Malc...), with ✨enhancements, ✅component updates, and 🐛bug fixes. See the release notes for details. #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #CyberSecurity

A screenshot of the Malcolm landing page, with links for Dashboards, Arkime, Netbox, Cyberchef, etc.
2024-12-19
2024-12-01

Today, I officially turned into an #InfoSec dinosaur. 25 years ago, I entered my first job in infosec as a scientific #researcher in a research establishment.

A topic that accompanied me through the entire time was #NetworkSecurityMonitoring, beginning in the late 1990s with the Network Flight Recorder (#NFR) and early versions of #snort and #bro.
