Overview
- F5
- NGINX Open Source
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up to the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
- Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
- Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
- Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
- Filebeat to v9.4.1
- Fluent Bit to v5.0.5
- GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
- Logstash to v9.4.1
- NetBox to v4.5.x (#955)
- This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
- these NetBox plugins were also updated:
- netbox-initializers to v4.5.1
- netbox-topology-views to v4.5.1
- Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
- thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
- OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
- critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
- high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
- high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
- medium: Injection in auth_http and XCLIENT CVE-2026-28753
- medium: OCSP result bypass in stream CVE-2026-28755
- high: SSL upstream injection CVE-2026-1642
- urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
filescan's python-statfs (#960 #962) - Added a few missing Suricata fields (
suricata.tc_progress,suricata.ts_progress,suricata.tunnel.pcap_cnt,suricata.tunnel.pkt_src) to the index mapping template - When
suricata.app_proto_tsand/orsuricata.app_proto_tcreported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination ofproto_parse_failed,client_stream_failed, orserver_stream_failedare added totags. - Suricata's HTTP version was not being normalized to
network.protocol_version.
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
- 🧹 Code and project maintenance
- Added Malcolm Dashboard Reference to documentation
- Completely rewrote Upgrading Malcolm in documentation
- Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL
Overview
- F5
- NGINX Open Source
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up to the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
- Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
- Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
- Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
- Filebeat to v9.4.1
- Fluent Bit to v5.0.5
- GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
- Logstash to v9.4.1
- NetBox to v4.5.x (#955)
- This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
- these NetBox plugins were also updated:
- netbox-initializers to v4.5.1
- netbox-topology-views to v4.5.1
- Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
- thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
- OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
- critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
- high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
- high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
- medium: Injection in auth_http and XCLIENT CVE-2026-28753
- medium: OCSP result bypass in stream CVE-2026-28755
- high: SSL upstream injection CVE-2026-1642
- urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
filescan's python-statfs (#960 #962) - Added a few missing Suricata fields (
suricata.tc_progress,suricata.ts_progress,suricata.tunnel.pcap_cnt,suricata.tunnel.pkt_src) to the index mapping template - When
suricata.app_proto_tsand/orsuricata.app_proto_tcreported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination ofproto_parse_failed,client_stream_failed, orserver_stream_failedare added totags. - Suricata's HTTP version was not being normalized to
network.protocol_version.
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
- 🧹 Code and project maintenance
- Added Malcolm Dashboard Reference to documentation
- Completely rewrote Upgrading Malcolm in documentation
- Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL
Overview
- gitpython-developers
- GitPython
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up to the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
- Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
- Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
- Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
- Filebeat to v9.4.1
- Fluent Bit to v5.0.5
- GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
- Logstash to v9.4.1
- NetBox to v4.5.x (#955)
- This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
- these NetBox plugins were also updated:
- netbox-initializers to v4.5.1
- netbox-topology-views to v4.5.1
- Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
- thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
- OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
- critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
- high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
- high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
- medium: Injection in auth_http and XCLIENT CVE-2026-28753
- medium: OCSP result bypass in stream CVE-2026-28755
- high: SSL upstream injection CVE-2026-1642
- urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
filescan's python-statfs (#960 #962) - Added a few missing Suricata fields (
suricata.tc_progress,suricata.ts_progress,suricata.tunnel.pcap_cnt,suricata.tunnel.pkt_src) to the index mapping template - When
suricata.app_proto_tsand/orsuricata.app_proto_tcreported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination ofproto_parse_failed,client_stream_failed, orserver_stream_failedare added totags. - Suricata's HTTP version was not being normalized to
network.protocol_version.
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
- 🧹 Code and project maintenance
- Added Malcolm Dashboard Reference to documentation
- Completely rewrote Upgrading Malcolm in documentation
- Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL
Overview
- F5
- NGINX Open Source
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up to the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
- Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
- Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
- Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
- Filebeat to v9.4.1
- Fluent Bit to v5.0.5
- GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
- Logstash to v9.4.1
- NetBox to v4.5.x (#955)
- This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
- these NetBox plugins were also updated:
- netbox-initializers to v4.5.1
- netbox-topology-views to v4.5.1
- Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
- thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
- OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
- critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
- high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
- high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
- medium: Injection in auth_http and XCLIENT CVE-2026-28753
- medium: OCSP result bypass in stream CVE-2026-28755
- high: SSL upstream injection CVE-2026-1642
- urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
filescan's python-statfs (#960 #962) - Added a few missing Suricata fields (
suricata.tc_progress,suricata.ts_progress,suricata.tunnel.pcap_cnt,suricata.tunnel.pkt_src) to the index mapping template - When
suricata.app_proto_tsand/orsuricata.app_proto_tcreported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination ofproto_parse_failed,client_stream_failed, orserver_stream_failedare added totags. - Suricata's HTTP version was not being normalized to
network.protocol_version.
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
- 🧹 Code and project maintenance
- Added Malcolm Dashboard Reference to documentation
- Completely rewrote Upgrading Malcolm in documentation
- Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL
Overview
- gitpython-developers
- GitPython
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Malcolm v26.05.1 is out?!? What, already? Déjà vu? We bumped up to the timetable on this release as a critical vulnerability found in NGINX made it expedient for us to do so.
Malcolm v26.05.1 focuses heavily on security updates, most notably upgrading OpenResty to address a critical NGINX remote code execution heap buffer overflow vulnerability. It also adds new Suricata OT detections for D-Link HNAP abuse, improves alerting webhook support, introduces the File Tree dashboard, and includes Suricata parsing/mapping fixes and documentation updates. Several other components received version bumps as well.
If you are upgrading from an existing Malcolm installation, run ./scripts/status for Malcolm to migrate some settings prior to running ./scripts/configure, ./scripts/start, or other Malcolm control scripts.
https://github.com/idaholab/Malcolm/compare/v26.05.0...v26.05.1
- ✨ Features and enhancements
- Improvements to alerting loopback webhook API endpoint (#971) (see also this discussion)
- Add Suricata OT rules for D-Link HNAP abuse detection (#969) (Suricata detection for GHSA-m69q-2cfc-q63c / CVE-2026-8260; thanks @sercanokur)
- Added the File Tree visualization dashboard which presents a hierarchical breakdown of files observed in network traffic, particularly with regards to archived files such as ZIP files or tarballs, allowing parent/child relationships between nested files to be explored. (thanks @sbhiens25)
- ✅ Component version updates
- Filebeat to v9.4.1
- Fluent Bit to v5.0.5
- GitPython to v3.1.50 to address high vulnerabilities CVE-2026-44244, CVE-2026-44243, and CVE-2026-42284
- Logstash to v9.4.1
- NetBox to v4.5.x (#955)
- This is a major NetBox release, up from v4.4.10. It's recommended that you back up your NetBox database before upgrading.
- these NetBox plugins were also updated:
- netbox-initializers to v4.5.1
- netbox-topology-views to v4.5.1
- Device-Type-Library-Import switched to marcinpsk/Device-Type-Library-Import fork
- thanks to @boscard in this discussion for some tips on running NetBox docker on a base path.
- OpenResty to v1.29.2.4, which, in addition to other fixes and changes, addresses the following CVEs
- critical: RCE heap buffer overflow vulnerability in NGINX CVE-2026-42945 (#976)
- high: Buffer overflow in ngx_http_dav_module CVE-2026-27654
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-27784
- high: Buffer overflow in the ngx_http_mp4_module CVE-2026-32647
- high: NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651
- medium: Injection in auth_http and XCLIENT CVE-2026-28753
- medium: OCSP result bypass in stream CVE-2026-28755
- high: SSL upstream injection CVE-2026-1642
- urllib3 to v2.7.0 to address high vulnerabilities CVE-2026-44431 and CVE-2026-44432
- 🐛 Bug fixes
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
filescan's python-statfs (#960 #962) - Added a few missing Suricata fields (
suricata.tc_progress,suricata.ts_progress,suricata.tunnel.pcap_cnt,suricata.tunnel.pkt_src) to the index mapping template - When
suricata.app_proto_tsand/orsuricata.app_proto_tcreported that protocol parsing had failed (due to malformed input data), invalid data could be stored in HTTP, DNS, and/or TLS fields. This is now detected and those invalid values are dropped, and some combination ofproto_parse_failed,client_stream_failed, orserver_stream_failedare added totags. - Suricata's HTTP version was not being normalized to
network.protocol_version.
- Reference Counting (Use-After-Free) Bug for PyList_SetItem in
- 🧹 Code and project maintenance
- Added Malcolm Dashboard Reference to documentation
- Completely rewrote Upgrading Malcolm in documentation
- Updated links to protocols page in documentation for new Arkime protocol support (thanks @awick)
Malcolm is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.
Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, Podman 🦭, and Kubernetes ⎈. Check out the Quick Start guide for examples on how to get up and running.
Alternatively, dedicated official ISO installer images 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's releases page on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (release_cleaver.sh) and PowerShell 🪟 (release_cleaver.ps1). See Downloading Malcolm - Installer ISOs for instructions.
As always, join us on the Malcolm discussions board 💬 to engage with the community, or pop some corn 🍿 and watch a video 📼.
#Malcolm #HedgehogLinux #Zeek #Arkime #Strelka #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec #INL