[Intelmq-dev] IntelMQ 3.0, leaving CERT.at and the future of IntelMQ

L. Aaron Kaplan kaplan at cert.at
Sun Nov 15 00:15:23 CET 2020


Dear incident handling automation tools list,
dear IntelMQ folks,

First of all, after extensive feedback from many of you, we do have a high level requirements document
for IntelMQ 3.0. It's here: https://github.com/certtools/intelmq/blob/version-3.0-ideas/docs/architecture-3.0.md

This shall serve as a high level blueprint for IntelMQ 3.0 developments. Sebastian is working on prioritising individual
items for CERT.at and then we will create individual GitHub issues and people (mostly at CERT.at) will be hacking away at it.
Looking forward to this release.

I'll be guiding this release however, I won't be working at CERT.at anymore starting on the 15th of Nov.


Which brings me to an important conclusion:

I thought long about it what we should do when core people leave CERT.at (as in my case, or... maybe Sebastian will leave one day
or get run over by the famous bus which always seems to run over every team member according to manager's expectations ;-) )
In any case, the most solid approach seems to remember what IntelMQ actually is - a **community project**.
It started as one, it is one , it will be one.

In the last years, CERT.at did a lot of the heavy lifting and also a lot of the decisions on IntelMQ's future.
However, with a couple of hundred (600?) installations worldwide, it would be wise to create an **advisory board/architecture board**
for the future developments. I would envision a small-ish group of 4-8 people who take the responsibility of guiding the project for the next ~5 years.

This means:
  - staying on top of current developments
  - coordinating with the other group members
  - coming up with a strategy and procedures (for example, compare with PEP, maybe a lightweight PEP approach is enough)
 etc.
  - ultimately, guiding the project

It's work, for sure. You should have some passion for the project of course.

I sent out a couple of invite requests to individuals but also would be interested to hear from you, if you would like to participate in such
an effort.

Hence, IntelMQ will become its own entity. And that's good, healthy and ensures a maximum benefit for many users.

If you would like to be on that board, please send me an email.
I'll guide it initially and get everything started.

All the best,
Aaron Kaplan

(private email address for the future: aaron at lo-res.org)


PS: we already have one or two companies offering development support for IntelMQ, I would like that they can thrive in this project as well - on a friendly basis. In the long run, this will make the project stronger.


--
// L. Aaron Kaplan <kaplan at cert.at> - T: +43 1 5056416 78
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - http://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg






-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20201115/d56548f0/attachment.sig>


More information about the Intelmq-dev mailing list