Seth Grover
@guero.org
Husband. Girldad. Xenial. Church of Jesus Christ of Latter-day Saints. Software dev in cyber R&D at INL. Geek/homelabber. Sporadic guitarist/songwriter. Lover of sci-fi, horror and weird fiction. Outdoorsman: archery, shooting, hunting, fishing, hiking
Pinned
Seth Grover
@guero.org
· Nov 18
Personal: Married to my high school sweetheart. Father of 4 girls. Our pack also includes one sweet yellow lab named Peach and a tuxedo cat named Jarnathan Thaddeus Toad. Active member of the Church of Jesus Christ of Latter-day Saints. También hablo español.
#Malcolm (malcolm.fyi) v25.09 features 🧠 threat intel improvements, new ⚙️ config options, 🆙 component updates, 🐛 fixes, more! Details @ github.com/idaholab/Malcolm/releases. Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
Malcolm
A powerful, easily deployable network traffic analysis tool suite for network security monitoring
malcolm.fyi
September 24, 2025 at 10:53 PM
#Malcolm (malcolm.fyi) v25.09 features 🧠 threat intel improvements, new ⚙️ config options, 🆙 component updates, 🐛 fixes, more! Details @ github.com/idaholab/Malcolm/releases. Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
Check out our #Malcolm blog post on the #AWS Public Sector Blog: aws.amazon.com/blogs/public...! It's the first of two blog posts on deploying Malcolm on AWS (malcolm.fyi/docs/aws.html). Once you've read it, check out the discussion on GitHub at github.com/cisagov/Malc....
Building a network traffic analysis system: Deploying Malcolm on Amazon EC2 | Amazon Web Services
In this post, we provide step-by-step guidance for deploying Malcolm—an open source network traffic analysis suite—natively on Amazon Elastic Compute Cloud (Amazon EC2), using the on-demand compute, e...
aws.amazon.com
August 12, 2025 at 7:38 PM
Check out our #Malcolm blog post on the #AWS Public Sector Blog: aws.amazon.com/blogs/public...! It's the first of two blog posts on deploying Malcolm on AWS (malcolm.fyi/docs/aws.html). Once you've read it, check out the discussion on GitHub at github.com/cisagov/Malc....
My team develops #Zeek network analyzers (github.com/cisagov/icsnpp) for #OT protocols. If you know this area, you know one of the hardest things is getting sample data. If you have traffic available for any of the more niche protocols on that list & are willing to share #PCAP, please reach out.
GitHub - cisagov/ICSNPP: Industrial Control Systems Network Protocol Parsers
Industrial Control Systems Network Protocol Parsers - cisagov/ICSNPP
github.com
July 30, 2025 at 9:22 PM
My team develops #Zeek network analyzers (github.com/cisagov/icsnpp) for #OT protocols. If you know this area, you know one of the hardest things is getting sample data. If you have traffic available for any of the more niche protocols on that list & are willing to share #PCAP, please reach out.
Hey, y'all, if you use #Zeek (zeek.org), would you please take 10 minutes to fill out the Zeek Project Survey 2025 at zeek.org/survey? Let the Zeek team know how you feel about the project and help shape its direction moving forward. #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring
Zeek Project Survey 2025
Thank you for sharing your experience with Zeek! This brief survey will take no more than 10 minutes to complete and will help us improve the tools, support, and community that make Zeek great.
In thi...
zeek.org
June 30, 2025 at 2:56 PM
Hey, y'all, if you use #Zeek (zeek.org), would you please take 10 minutes to fill out the Zeek Project Survey 2025 at zeek.org/survey? Let the Zeek team know how you feel about the project and help shape its direction moving forward. #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring
#Malcolm (malcolm.fyi) v25.06.0 features 🔐 #rbac, other ✨ improvements, 🆙 component version updates, 🐛 bug fixes, & more. Details @ github.com/idaholab/Malcolm/releases. Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
June 23, 2025 at 4:42 PM
#Malcolm (malcolm.fyi) v25.06.0 features 🔐 #rbac, other ✨ improvements, 🆙 component version updates, 🐛 bug fixes, & more. Details @ github.com/idaholab/Malcolm/releases. Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
#Malcolm (malcolm.fyi) v25.04.1 contains a bevy of ✨ improvements, 🆙 component version updates, 🐛 bug fixes, and other great stuff. 👁 github.com/idaholab/Mal... for details! Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
Malcolm
A powerful, easily deployable network traffic analysis tool suite for network security monitoring
malcolm.fyi
May 6, 2025 at 7:53 PM
#Malcolm (malcolm.fyi) v25.04.1 contains a bevy of ✨ improvements, 🆙 component version updates, 🐛 bug fixes, and other great stuff. 👁 github.com/idaholab/Mal... for details! Malcolm is a powerful tool suite for NSM 🕵🏻♂️. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
#Malcolm (malcolm.fyi) v25.03.0 brings 🔐 auth via #Keycloak and with it #SSO, identity providers, and more! See the release notes github.com/cisagov/Malc... for more info! Malcolm is a powerful tool suite for NSM. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
March 19, 2025 at 2:27 PM
#Malcolm (malcolm.fyi) v25.03.0 brings 🔐 auth via #Keycloak and with it #SSO, identity providers, and more! See the release notes github.com/cisagov/Malc... for more info! Malcolm is a powerful tool suite for NSM. #Zeek #Arkime #NetBox #Suricata #NetworkTrafficAnalysis #networksecuritymonitoring
Malcolm v25.02.0 is out! See the release notes for details!
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
Malcolm
A powerful, easily deployable network traffic analysis tool suite for network security monitoring
malcolm.fyi
February 27, 2025 at 10:37 PM
Malcolm v25.02.0 is out! See the release notes for details!
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
Reposted by Seth Grover
seen in newark, new jersey
🔥
🔥
February 23, 2025 at 6:21 PM
seen in newark, new jersey
🔥
🔥
1/4 I don't like to compartmentalize my life, so if you're following me you're going to see some of its various facets. This one's about religion: if that's not your thing I respect that, and hope you can scroll on without hard feelings.
February 21, 2025 at 11:40 PM
1/4 I don't like to compartmentalize my life, so if you're following me you're going to see some of its various facets. This one's about religion: if that's not your thing I respect that, and hope you can scroll on without hard feelings.
I'm doing a #parents night at a local elementary school about helping #kids stay safe online. Here's my handout with my proposed talking points. Any advice/suggestions/something I'm missing? #parenting #onlinesafety #esafety #socialmedia
February 19, 2025 at 12:26 AM
I'm doing a #parents night at a local elementary school about helping #kids stay safe online. Here's my handout with my proposed talking points. Any advice/suggestions/something I'm missing? #parenting #onlinesafety #esafety #socialmedia
We're joining with #Netbox Labs on Feb 25 @ 11 AM EST for "Managing #NetworkSecurity Threats In #CriticalInfrastructure With NetBox & #Zeek in #Malcolm."
You can watch this overview (youtu.be/c__mZAGXmk0) if you want a bit of context before the webinar.
Register at netboxlabs.com/events/webin....
You can watch this overview (youtu.be/c__mZAGXmk0) if you want a bit of context before the webinar.
Register at netboxlabs.com/events/webin....
Webinar: Managing Network Security Threats In Critical Infrastructure With NetBox & Zeek in Malcolm - NetBox Labs
Join CISA, INL, Corelight, and NetBox Labs for a webinar on Malcolm—an open-source tool using Zeek and NetBox to enhance OT network security. Live demo included.
netboxlabs.com
February 18, 2025 at 8:02 PM
We're joining with #Netbox Labs on Feb 25 @ 11 AM EST for "Managing #NetworkSecurity Threats In #CriticalInfrastructure With NetBox & #Zeek in #Malcolm."
You can watch this overview (youtu.be/c__mZAGXmk0) if you want a bit of context before the webinar.
Register at netboxlabs.com/events/webin....
You can watch this overview (youtu.be/c__mZAGXmk0) if you want a bit of context before the webinar.
Register at netboxlabs.com/events/webin....
Reposted by Seth Grover
A group of uncleared, unvetted, civilians have gained access to all of my federal records including military personnel, retirement and disability. They are reportedly feeding them into AI. I want them arrested and charged with federal crimes.
Right fucking now!
How is this even a discussion?
Right fucking now!
How is this even a discussion?
February 3, 2025 at 2:48 PM
A group of uncleared, unvetted, civilians have gained access to all of my federal records including military personnel, retirement and disability. They are reportedly feeding them into AI. I want them arrested and charged with federal crimes.
Right fucking now!
How is this even a discussion?
Right fucking now!
How is this even a discussion?
Malcolm v25.01.0 is out! See the release notes for details!
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
Malcolm
A powerful, easily deployable network traffic analysis tool suite for network security monitoring
malcolm.fyi
January 17, 2025 at 10:13 PM
Malcolm v25.01.0 is out! See the release notes for details!
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
malcolm.fyi
github.com/cisagov/Malc...
#Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #OpenSearch #Elasticsearch #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #icssecurity #CyberSecurity #Cyber #Infosec
Malcolm (malcolm.fyi) v24.12.0 is out (github.com/cisagov/Malc...), with ✨enhancements, ✅component updates, and 🐛bug fixes. See the release notes for details. #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #CyberSecurity
December 19, 2024 at 4:18 PM
Malcolm (malcolm.fyi) v24.12.0 is out (github.com/cisagov/Malc...), with ✨enhancements, ✅component updates, and 🐛bug fixes. See the release notes for details. #Malcolm #HedgehogLinux #Zeek #Arkime #NetBox #Suricata #PCAP #NetworkTrafficAnalysis #networksecuritymonitoring #OT #ICS #CyberSecurity
Reposted by Seth Grover
December 16, 2024 at 12:15 AM
Merry Christmas and Happy Holidays from ours to yours.
#MerryChristmas #HappyHolidays #ChristmasCard #ThreeWolfMoon #Family #Christmas #pets
#MerryChristmas #HappyHolidays #ChristmasCard #ThreeWolfMoon #Family #Christmas #pets
December 11, 2024 at 9:13 PM
Merry Christmas and Happy Holidays from ours to yours.
#MerryChristmas #HappyHolidays #ChristmasCard #ThreeWolfMoon #Family #Christmas #pets
#MerryChristmas #HappyHolidays #ChristmasCard #ThreeWolfMoon #Family #Christmas #pets
Reposted by Seth Grover
Join us today (Wed, 11th of December) at 10am Pacific time for our next webinar.
@guero.org
will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi...
@guero.org
will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi...
Welcome! You are invited to join a webinar: Zeek Webinar - Zeek File Extraction and Automating Malware Analysis. After registering, you will receive a confirmation email about joining the webinar.
Speaker: Seth Grover, Idaho National Lab representing DHS CISA
Zeek’s file analysis framework allows files transferred in observed network traffic to be extracted to disk, but what next? This present...
us06web.zoom.us
December 11, 2024 at 7:59 AM
Join us today (Wed, 11th of December) at 10am Pacific time for our next webinar.
@guero.org
will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi...
@guero.org
will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi...
Our old (11) #dog Peach and our young (< 2) #cat Toad are such good partners. In the winter, Peach gets to sleep in the shop under a heat lamp on the couch, and Toad is a faithful companion every night. It warms my heart. #catsanddogs #pets
December 7, 2024 at 5:32 PM
Our old (11) #dog Peach and our young (< 2) #cat Toad are such good partners. In the winter, Peach gets to sleep in the shop under a heat lamp on the couch, and Toad is a faithful companion every night. It warms my heart. #catsanddogs #pets
Reposted by Seth Grover
Join us next Wednesday at 10am Pacific time for our next webinar.
@guero.org will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi... or at zeek.org/events/webin...
@guero.org will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi... or at zeek.org/events/webin...
Welcome! You are invited to join a webinar: Zeek Webinar - Zeek File Extraction and Automating Malware Analysis. After registering, you will receive a confirmation email about joining the webinar.
Speaker: Seth Grover, Idaho National Lab representing DHS CISA
Zeek’s file analysis framework allows files transferred in observed network traffic to be extracted to disk, but what next? This present...
us06web.zoom.us
December 6, 2024 at 7:10 PM
Join us next Wednesday at 10am Pacific time for our next webinar.
@guero.org will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi... or at zeek.org/events/webin...
@guero.org will talk about Zeek File Extraction and Automating Malware Analysis.
Sign up at us06web.zoom.us/webinar/regi... or at zeek.org/events/webin...
So I'm a 42/yo man who is going to be going to #therapy for the first time next week. I've been on meds (effexor xr 150mg) for a number of years for #depression and #anxiety but lately it's just not cutting it vis-a-vis prevailing feelings of worthlessness and dread. /1
November 22, 2024 at 4:07 PM
So I'm a 42/yo man who is going to be going to #therapy for the first time next week. I've been on meds (effexor xr 150mg) for a number of years for #depression and #anxiety but lately it's just not cutting it vis-a-vis prevailing feelings of worthlessness and dread. /1
Reposted by Seth Grover
The next Zeek Webinar just started. The topic is Parsnip: Lowering the Barrier of Entry for Parser Development, with Melanie Pierce from Idahp National Laboratory.
Join us at www.youtube.com/watch?v=9Y0l...
Join us at www.youtube.com/watch?v=9Y0l...
Zeek Webinar - Parsnip: Lowering the Barrier of Entry for Parser Development
YouTube video by Zeek
www.youtube.com
November 20, 2024 at 6:09 PM
The next Zeek Webinar just started. The topic is Parsnip: Lowering the Barrier of Entry for Parser Development, with Melanie Pierce from Idahp National Laboratory.
Join us at www.youtube.com/watch?v=9Y0l...
Join us at www.youtube.com/watch?v=9Y0l...
Reposted by Seth Grover
We will host another Zeek webinar, Parsnip: Lowering the Barrier of Entry for Parser Development, by Melanie Pierce, on Wednesday 20 November at 1 pm ET. Register for free here:
us06web.zoom.us/webinar/regi...
us06web.zoom.us/webinar/regi...
November 18, 2024 at 6:07 PM
We will host another Zeek webinar, Parsnip: Lowering the Barrier of Entry for Parser Development, by Melanie Pierce, on Wednesday 20 November at 1 pm ET. Register for free here:
us06web.zoom.us/webinar/regi...
us06web.zoom.us/webinar/regi...
Reposted by Seth Grover
My friend Melanie Pierce is presenting a Zeek webinar tomorrow at 10am PST on Parsnip a project she's a lead on here at #inl. If you're interested in #zeek and #parser development, please hop on!
November 19, 2024 at 9:04 PM
My friend Melanie Pierce is presenting a Zeek webinar tomorrow at 10am PST on Parsnip a project she's a lead on here at #inl. If you're interested in #zeek and #parser development, please hop on!
I just released v24.11.0 of #Malcolm (malcolm.fyi), a powerful, easily deployable network traffic analysis tool suite for #NSM. See github.com/cisagov/Malc... for details.
#opensource #HedgehogLinux #Zeek #Arkime #Suricata #PCAP #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov
#opensource #HedgehogLinux #Zeek #Arkime #Suricata #PCAP #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov
November 18, 2024 at 7:29 PM
I just released v24.11.0 of #Malcolm (malcolm.fyi), a powerful, easily deployable network traffic analysis tool suite for #NSM. See github.com/cisagov/Malc... for details.
#opensource #HedgehogLinux #Zeek #Arkime #Suricata #PCAP #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov
#opensource #HedgehogLinux #Zeek #Arkime #Suricata #PCAP #CyberSecurity #Cyber #Infosec #INL #DHS #CISA #CISAgov