Monday, May 23, 2016

Reminder: BroCon ’16 CFP ends Friday June 3rd

Interested in presenting at BroCon ’16 this year? Our call for presentations ends Friday, June 3rd.

We are looking for talks to represent the many applications of Bro. Suitable topics include, but are not limited to:
  • as a tool for solving problems;
  • interesting user stories, solutions, or research projects;
  • a postmortem analysis of a security incident, emphasizing Bro’s contribution;
  • the value Bro brings to your professional work;
  • and, using Bro for more than intrusion detection.
Criteria for evaluating proposals include whether the topic is applicable to multiple types of organizations, gives people ideas to take home and use, can be understood by a broad audience, or is novel to many in the audience. Scrolling through our YouTube Channel may provide some insight into the types of presentations we wish to feature. Plan on limiting your talk to 30-35 minutes with an additional 10 minutes for questions/comments.

Send abstracts (max 500 words) to:
Subject: BroCon 2016 Call for Presentations
Submission due date: Friday, June 3rd
Target date for announcing speakers: Friday July 1st

Proposals are selected by the Bro Leadership Team:
  • Seth Hall, International Computer Science Institute
  • Keith Lehigh, Indiana University
  • Vern Paxson, University of California at Berkeley / International Computer Science Institute
  • Michal Purzynski, Mozilla Foundation
  • Aashish Sharma, Lawrence Berkeley Lab
  • Adam Slagell, National Center for Supercomputing Applications
  • Robin Sommer, International Computer Science Institute

Tuesday, May 17, 2016

Talk to us! - The Bro team's communication channels

Talk to us! - The Bro team's communication channels

Bro is now more than 20 years old. The community has grown in size and diversity. In response we made some changes to the ways the Bro community can communicate with us.


We are currently testing Gitter, a chat system designed for developers. Please join the Bro channel. You can browse to it at, download the native apps, or connect via IRC. Currently, we have a Bro room and Broker room. We're looking forward to seeing you there! The test will go on for a couple more weeks. Please give feedback in Gitter or to about this.


Our IRC channel #bro on Freenode is the well established chat where many people of the community as well as some Bro developers will answer questions.

The Bro Mailing Lists

We also will continue to maintain our mailing lists. The most important ones are,, and is our general user mailing list. If you prefer mail over chat, this should be your first address whenever you get stuck using Bro or want to understand something. Experienced Bro users and members of Bro's developer team answer on this list. is a low traffic mailing list used to announce Bro events, code releases, and other important news. is the mailing list you should subscribe to if you want to follow or participate in discussions on Bro's future from a developer perspective. On this list we discuss design and feature decisions, and also how to resolve problems and bugs. We recently moved automated mails from our ticket system away from this list to reduce the noise. The immediate effect was an increase in productive discussions.


Our Twitter channel is @Bro_IDS. This is our channel for quick and short news, too small for bro-announce or a blog post.

Bro Community and other ways to reach us

More options to listen or talk to us are listed on our Community page.
If you need to talk to us in private about logistics, donation offers, or other special requests, you can write to

A little reminder and request to the community: As an open source project the Bro team tries to help wherever possible with using and developing Bro. Please send technical questions to one of the mailing lists, though; not to That way the broader Bro community gets a chance to chime in as well, and everybody will benefit from any responses.

The Bro User Community

We want to take this opportunity to thank all our users and contributors! Please keep talking to us.

Friday, January 29, 2016

BroCon ’16: Sept. 13th - 15th in Austin, TX

We are happy to announce that BroCon ’16 will occur on Tuesday, September 13th - Thursday, September 15th at the Texas Advanced Computing Center in Austin, Texas.

See our event page:

Early bird registration is open! CFP is open!

Interested in sponsoring BroCon? Contact us at for more information.

Thank you for your continued support, and see you in September!

The Bro Project

Tuesday, January 19, 2016

Bro training at Educause Security Professionals Conference, April 18th

The Bro Team is presenting a training at the 2016 Educause Security Professionals Conference on Monday April 18th in Seattle, Washington. Our topic is "Monitoring Your Science DMZ with Bro."

The Science DMZ architecture is spreading throughout higher ed, with both the National Science Foundation and ESNet promoting this more open model to campus cyberinfrastructure providers. NSF has invested in building 10G and 100G research networks to meet the growing demands of the nation's scientists and engineers, but this brings challenges to many traditional ways of securing campus infrastructure. Bro has a successful track record protecting some of the most demanding networks in the country, and it comes well prepared to address the security challenges of bringing data and compute resources outside the firewall for performance. The NSF Bro Center of Expertise is hosting a one-day Bro training workshop aimed at higher ed operators of cyberinfrastructure. This hands-on training will demonstrate Bro's capabilities, teach you how to set up and configure Bro, discuss strategies for deployment on high-speed networks, and present opportunities for further individual assistance from the center.

  • Understand the purpose of Bro and its features
  • Learn how to install Bro with suggested configuration modifications (e.g., load balancing, pinning workers)
  • Learn how to seek assistance from the Bro Center of Expertise

Event link:

Bro Abstract:

Thursday, December 17, 2015

A New Bro Tutorial: Happy Holidays from the Bro Team

New Bro Tutorial

We are happy to announce our special present to the Bro Community: Our new interactive Bro Tutorial.

Based on this tutorial leads you step by step through the Bro Script Language and allows you to interactively run and change all examples. The first lesson is complete, more lessons are in the works.

Feedback and questions are more than welcome at

We hope you enjoy our new little helper and wish you Happy Holidays.

Your Bro Team

Friday, December 11, 2015

Broker & CAF: An Interview with the Developers

With Broker as our new communication middle-layer, we set the foundation for more open and distributed deployments of Bro. Broker is the successor of Broccoli, with much more emphasis on asynchronous, distributed communication. Over the past decade, we learned that scaling network monitoring fundamentally requires load balancing. Bro cluster deployments are becoming mainstream, and Broker lays the foundation to harness them effectively.

Internally, Broker leverages CAF, the C++ Actor Framework, which lifts the actor model to modern C++ environments. We foster a close collaboration with the CAF developers, who have been very responsive and helpful so far. Recently, the team reached out to us for an interview, which you can find at their blog:

Stay tuned for more Broker-related updates in the future.

Thursday, December 10, 2015

Bro Receives $200K Grant from Mozilla

The Mozilla Open Source Support (MOSS) program has awarded the Bro Project a $200,000 grant to develop the Comprehensive Bro Archive Network (CBAN), a public repository for sharing 3rd-party scripts and plug-ins.

CBAN has been a proposed project for some time but requires more time and resources than we were able to dedicate to its development. This grant will allow us to acquire the people and hardware needed without sidetracking Bro's core development.

For members the community, CBAN solves the key challenge of helping people extend Bro beyond our provided scripts. Users will be able to easily share scripts, up-vote the best ones, and possibly have their scripts incorporated into Bro. Our hope is for CBAN to grow into a substantial repository, curated by the Bro community and its development team.

To learn more about the award and the other recipients, see Mozilla's blog post.

We thank the Mozilla Open Source Support program for its support.