Tuesday, January 22, 2019

Time for a change

To the Snort community,

It’s been 20 years since that fateful December night when I sent the first release of Snort over to Ken Williams at PacketStorm.  It was my first attempt at working on an open source project and another step for me in the process of learning about security tools, their application and the reasons they work and don’t work.  Almost exactly two years later, Snort was something of a phenomenon and I decided to try to make it my day job by founding Sourcefire and “going pro.”  Here we are now, 20 years down the road with over 100 releases of Snort under our belt — the global standard for describing and detecting network-based threats. 

In 2013, Sourcefire was acquired by Cisco, and Snort became the foundation for Cisco’s core NGFW and NGIPS products. Last year, Snort 3 entered beta, and the integration work is underway by our NGFW team to make it the future of Cisco’s platform.

This has been an amazing journey and I can’t help but be proud of everything that has been accomplished and all the people who made it happen, both within the organization that I serve as well as from the open source community that grew up around Snort.  After Sourcefire was acquired by Cisco, I stepped into the Chief Architect role for the Security Business Group and worked on the technology strategy and design for the company’s security portfolio and evangelized our approach to the world. 

Now, after five years with Cisco, it’s time for me to move on to the next adventure and also move from being on the team the behind Snort to the user community that surrounds it. 

Taking this big step away from Snort doesn’t worry me because I know that we’ve built not just world-class technology, but also a world-class team here at Cisco and still, even after all this time, one of the best security communities in the world.  I expect that will continue with me over *here* instead of over *there,* if you take my meaning. 

Snort’s in great hands at Cisco with a team that’s committed to open source and big plans for the future of the technology. Russ Combs, who has written a vast majority of the code for Snort 3 (it’s awesome, check it out — we need beta feedback!), will remain as the lead developer. Joel Esler will continue as Community Manager and maintain the bridge between the team and the open source community.

I’ll be blogging periodically on Medium as I move on to my next adventure. If you’re interested, my inaugural post to talk a little more about the journey so far is available here.

Thanks to all of you for everything that you have done to help make my little “rainy days and weekends” obsession into what it has become. This entire journey has been an amazing testament to the power of the open source methodology of software developed for and by communities to innovate and drive technology that everyone wants to use. Without this passionate, engaged community I know that Snort would have been nothing. Again, thank you all so much!

January 2019