Bro Monthly #5

Welcome to the 5th Bro Monthly newsletter. This month we cover the following topics:

  • Bro Meet-ups: our category for Bro related gatherings and groups,
  • Bro Commits: Bro v2.4 is here,
  • Bro in the wild,
  • Bro internal.

Bro Meet-ups

BroCon’15 Agenda online

Still not registered for BroCon’15?
Please have a look on our updated agenda.
We are happy to announce that the inventor of Bro, Vern Paxson will give a keynote speech.

The deadline to submit your presentation is coming very soon,May 29th. We already have some exciting topics but there is for sure room for more. Send us your Bro story.

Bro Commits: Bro v2.4 is here

We are happy to announce the beta of Bro v2.4 is available for download! Here is a brief summary of new features and improvements:

  • Support for external plugins to extend core functionality.
  • Announcing the release of Broker: Bro’s new communication library.
  • Major improvements to BroControl’s reliability and error handling.
  • New analyzers: including SSH, DTLS, RDP, and MySQL.
  • File analysis supports reassembly of files not transferred/seen sequentially.
  • And, BroCut was rewritten in C to improve its speed.

Binary packages are also available.

See NEWS for preliminary release notes and CHANGES for the exhaustive commit list.

Feedback is encouraged and should be sent to the Bro mailing list. As previously stated, we do not recommend using a beta release for production use.

Bro in the wild

In this category we list Bro related finds from the web. If you want us to list your Bro story here, please contact us via

Free Bro Crash course @BsidesChicago with @CriticalStack CEO Liam Randall ( @Hectaman ). Sign up today:

— Liam Randall (@Hectaman) May 13, 2015

How to Write an Analyzer for @Bro_IDS

— Jon Schipp (@JonSchipp) May 11, 2015

Fox-IT – Quantum Insert detection for Bro-IDS #CyberDefense #cybersecurity #infosec

— Ian (@Secnewsbytes) May 5, 2015

another week, another @Bro_IDS script package— if you're not monitoring for Tor and want to start, take a look:

— Josh Liburdi (@jshlbrd) May 4, 2015

cute weekend hack: loading @Bro_IDS logs dynamically as @osquery tables

— Jen Andre (@fun_cuddles) April 27, 2015

looking for MS15-034 and run @Bro_IDS? we're sharing a script we use to find it: cc @CrowdStrike

— Josh Liburdi (@jshlbrd) April 20, 2015

And so it begins… A PE analyzer in @Bro_IDS

— Anthony (@anthonykasza) April 20, 2015

thanks to @sroberts, I wrote a blog post about my favorite hunting tool (shocker, it's @Bro_IDS):

— Josh Liburdi (@jshlbrd) April 14, 2015

Video of @OpenNSM lastnight is up! @JustinAzoff on Graphing @Bro_IDS Metrics, BHR, and Ninfo Great integration tools

— OpenNSM (@OpenNSM) April 14, 2015

New Nettitude blog: Network Security Monitoring With Bro IDS, TCPDump And MongoDB: #Infosec

— Nettitude Group (@Nettitude_com) April 1, 2015

Bro Internal

Saying goodbye to Bro's Jon Siwek, thanks for all your awesome work

— The Bro Platform (@Bro_IDS) April 30, 2015

%d bloggers like this: