[Oisf-users] Happy New Year!

Matthew Jonkman jonkman at jonkmans.com
Sat Jan 1 19:36:22 UTC 2011

I would like to take a moment to wish everyone a great new year, and reflect for a moment on where we have been and where we are going. 

As a community this year we continued to improve on what we have built and what we offer to each other through the Emerging Threats open rules. We have survived several DDoS attacks, broken and sig covered uncounted numbers of bots and CnC channels, and tracked the worst of the worst bad guys and networks. We have done all of this because we are a collaborative group sharing the valuable intel each of us has developed with everyone that cares to use it.

The ET Pro team rewrote the entire corpus of signatures of network-detectable threats developed over the last ten years, and we did this in only about six months. We launched a new company and a new service infrastructure and built QA and performance testing for us and the open rulesets. We hired some of the best out of the ET community to do this for a living, and we will be hiring more very soon! We've built research partnerships with the best in the business like Nitro Security, and more will be announced soon. And we have made a significant improvement in the open rules to benefit both rulesets.

We as a community have prevented, detected, and identified hundreds of thousands, if not millions, of infections and compromises. We are doing good things. Thanks for being here, we need everyone!

Suricata through the OISF has proven to be effective. It is changing how we can detect things and redefining what stock hardware can do at speed. Phase two development is just starting and will be a huge leap forward. We have the foundation, now it's time to reach even higher.

Not a bad year by any standard!

This coming year we are going to keep pushing. We have new sandnetting and CnC detection methods going into place and new IP reputation and DNS reputation services coming for Suricata and the SIEMs out there.

It was a great 2010, but the past year just set the stage for what we as the ET community, ET Pro, and the OISF will get done in 2011!! This is all because of you: the ET community, the great volunteers and contractors at the OISF, the great folks at DHS making OISF possible, and the great team here at ET Pro.

I can't wait to see how this turns out!

Matthew Jonkman
Emerging Threats
Open Information Security Foundation (OISF)
Phone 765-429-0398
Fax 312-264-0205
