To all members of the Zeek community: today I’m excited to share the strategic goals I’ll be pursuing over the next year. As a reminder, I joined Corelight as Director of Community for the Zeek project a few months ago. I developed the following list after learning about the community and evaluating where it is, talking to many of you, and gathering feedback from the Zeek Leadership Team and the Corelight Founders.
Please understand, this is only a beginning. I’ll be working on other goals in the future, and would like to get your input on what you most need. But based on my prior experience supporting community efforts in the Ubuntu and Open Compute Projects, it’s often helpful to get started with infrastructure, awareness, engagement, and governance. As we work on these items, I am sure other actionable goals will move onto my plate.
If you or your organization would like to help with any of these goals or if you have questions, comments, feedback of any kind please feel free to reach out and let me know.
I look forward to collaborating with you all. Here’s to stronger communities, safer networks and many successes as we work together!
1. Increase Zeek Awareness – We need to drive greater awareness of Zeek in the cybersecurity / threat hunting / detection ecosystems, while also targeting adjacent open source technologies. To this end, we will:
- Deliver a monthly newsletter (Including Zeek news/tutorials, other security news, notable CVEs, etc.)
- Produce an editorial calendar for 2019, to include:
- Monthly content cadence (tutorials and articles)
- Information about new releases (including notes/demos)
- Document editorial process (for soliciting external contributions)
- Rewards and incentives (for contributors)
2. Increase Engagement with the Zeek Community – We need more online and in-person engagement opportunities for the Zeek community, because there are many ways to contribute and get involved. To accomplish this, we will seek to have the following:
- A predictable cadence of in-person meetups, training opportunities, and other events to meet and engage with the community.
- Engagements and partnerships with adjacent technology communities.
- Updated / reorganized documentation, tutorials as well as support channels.
- A calendar of events for the community.
- Definition for each major type of contribution (what tasks, what skills, what is success and how to reward and retain contributors).
3. Update Zeek Infrastructure – Last year the project was renamed Zeek (formerly Bro). Once a new logo is finalized, we need to rebrand, update, and reorganize the website – with the aim of creating a clean, easy to navigate and intuitive home where Zeek users and developers of all skill levels can go to gain knowledge and know-how. This will help us:
- Increase brand credibility (making the website convey the same high quality of Zeek project code)
- Gain community contributors and users (participation is a cornerstone to all successful communities)
- Encourage contributions and project innovation
4. Design Governance Structure – While we already have a Zeek Leadership Team (LT) and core committers, we don’t have a system that defines how people can move into either of those roles. This work will be broken down into two phases.
- Phase 1
- Shed more light onto the decision making process and publish notes after each LT and Zeek community meeting
- Solicit input from the Zeek community.
- Phase 2
- Define processes for how to become part of the leadership and decision making bodies.
Helpful Links and information:
Getting Involved: If you would like to be part of the Open Source Zeek Community and contribute to the success of the project please sign up for our mailing lists, join our IRC Channel, come to our events, follow the blog and/or Twitter feed. If you’re writing scripts or plugins for Zeek we would love to hear from you! Can’t figure out what your next step should be, just reach out. Together we can find a place for you to actively contribute and be a part of this growing community.
About Zeek (formerly Bro): Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. https://www.zeek.org/