[IntelMQ-users] intelmq 3.3.0 release
L. Aaron Kaplan
aaron at lo-res.org
Fri Mar 1 20:10:01 CET 2024
Dear intelmq users, developers and IR automation people,
we are very happy to announce (finally announce!) IntelMQ 3.3.0
See: https://github.com/certtools/intelmq
Important changes
===================
The most relevant changes are:
1. Documentation
------------------
great new documentation (mkdocs) at https://docs.intelmq.org/
(Thanks a lot to Filip/ @gethvi! Amazing work)
Documentation has been updated and restructured into User, Administrator and Developer Guide.
The documentation is easier to navigate, slicker and just way more readable now.
We know that the user-experience with a framework such as IntelMQ is very important. Good documentation helps a lot here. Please do check it out and give us feedback!
2. dynamic shadowserver reports and -parser
-------------------------------------------
Lots of thanks to Shadowserver / @elsif2 for his continuous and dedicated contributions to make IntelMQ much better with shadowserver feeds.
Motivation for this:
Shadowserver adds new scans on a nearly weekly basis. IntelMQ's release cycle and the need for a stable release could not keep up with this high intensity of shadowserver parser changes. We therefore (thanks to @eslif2) move the shadowserver reports collector and parser to a new, dynamic system. It can:
• fetch the shadowserver schema from shadowserver (https://interchange.shadowserver.org/intelmq/v1/schema)
• dynamically collect new reports (see also https://docs.intelmq.org/latest/user/bots/?h=shadow#shadowserver-reports-api)
• parse the new reports
You can find all about the new shadowserver reports in IntelMQ here: https://docs.intelmq.org/latest/user/bots/#shadowserver-reports-api and
https://docs.intelmq.org/latest/user/bots/#shadowserver
3. More
------------
And of course, lots of changes in the background and the core. Big thanks to Kamil and Sebix!
You can find the full details here:
https://github.com/certtools/intelmq/blob/develop/NEWS.md (short version)
and here:
https://github.com/certtools/intelmq/blob/develop/CHANGELOG.md
4. Future of IntelMQ and release cycles
----------------------------------------
We know that the last one, two years, IntelMQ releases were a bit sporadic.
We plan to change this and make it more deterministic.
We therefore commit to 2 releases per year + two release candidates (intermediate, BETA) releases:
Release 1: in quarter 1: March.
Release 2: release-candidate in Q2 (end of June).
Release 3: Sept
Release 4: release-candidate release in Q4 (Dec).
Also, in order to secure the future sustainability of IntelMQ, we will join the "ossbase" Open Source Security Software alliance. The idea here is to join a bigger foundation (similarly structured to the Apache Foundation) which will be created together with CIRCL.lu. Thanks Alexandre for continuing to push this idea.
Being a part of ossbase will allow us to support IntelMQ in the future years while keeping the project independent, alive, kicking and a great community project. And that's what relevant.
Stay tuned for updates here.
5. Thank you
--------------
And finally and again: a big THANK YOU for all the committers, contributors, bug reporters, etc.!!!
Without this community, we would not exist.
You are mentioned here:
https://github.com/certtools/intelmq/blob/develop/AUTHORS
https://github.com/certtools/intelmq/blob/develop/CHANGELOG.md
https://github.com/certtools/intelmq/issues
More information about the IntelMQ-users
mailing list