Re: New Project?
Hi - To me you have two parts. One fits Apache and the other would need to be outside. (1) Open Source Software which is the library, service and CLI tools. This is something that an Apache Community could grow around and be governed in the Apache Way. This part can be incubated. (2) Open Data. Justin refers to Kibble and Pony Mail which are incubating projects around consuming Apache Community data mostly. I would point out that you could host the data portion of your community elsewhere by some community members or others outside of Apache PMCs. Here is a real example. Apache Tika, PDFBox and POI PMCs all share a set of regression test documents (https://openpreservation.org/blog/2016/10/04/apache-tikas-regression-corpus-tika-1302/) and a community member Dominik Stadler (https://github.com/centic9/CommonCrawlDocumentDownload) that are retrieved from Common Crawl (http://commoncrawl.org) which uses the AWS Public Dataset Program (https://aws.amazon.com/opendata/public-datasets/) Regards, Dave > On Jul 2, 2019, at 1:59 PM, Alejandro Caceres > wrote: > > Hi Matt, > > Thanks for the response. You are sort of correct, I would say the end goal > is a service - an open source engine that is able to grab and ingest this > highly unstructured security information and turn it into something useful > - then provide that back to the user in a few different forms. One would be > a web services API for general use exposed to the Internet (a service, like > you said), and another would be a series of command line tools and > libraries that others can use to ingest this information easily. the third > goal would be: not only is the code open source, but all data used in the > application is available itself, so this could easily be used to run a > personal node of this information for an organization, scylla.sh is simply > my instance that I expose to the Internet at large for those that don't > want to run a "full node". If that is more palatable to the ASF I'm glad to > make that the focus. In other words: I'm not married to any model here. > > I knew coming in that it's a bit unconventional for Apache, but, I think, > it is a unique and powerful project that would increase engagement from the > infosec community in which I personally, as well as my R&D company have > some good visibility from. In other words, just testing the waters to see > how this is received by ASF :). > > Alex > > > On Tue, Jul 2, 2019 at 3:44 PM Matt Sicker wrote: > >> I'm a little unclear about the scope of the project here. This project >> looks more like a service, and I don't know of any ASF projects that >> exist to provide services outside the ASF. >> >> On Tue, 2 Jul 2019 at 14:28, Alejandro Caceres >> wrote: >>> >>> Hey Folks, >>> >>> I'm interested in submitting a project as a seedling and am looking >> exactly >>> where to start. The project is already off the ground, being used by >> many, >>> is stable, reasonably mature (it's in alpha release), open source, and >>> already Apache licensed. I've been looking at a lot of resources to how >>> best to submit this to Apache and from what I understand I need to: >>> >>> Find a "champion/mentor" for the project and a "sponsor" -> submit an >>> incubator application -> wait (or do i submit for a vote on general@?) >> -> >>> ... -> profit :) >>> >>> For a bit more context, my project is http://scylla.sh or >>> https://github.com/acaceres2176/scylla. This project aggregates and >> makes >>> searchable database leaks and other information security data that is >> easy >>> for attackers to find (they have blackhat and underground resources) but >>> difficult for security professionals trying to defend their network (they >>> cannot buy stolen data, are not plugged into the blackhat hacker >> community, >>> and frankly generally don't know "where to start"). The Scylla engine >> aims >>> to even the playing field by making this data available and completely >> free >>> for everyone. The feed is meant to power threat intelligence engines to >> aid >>> in the defense of both large corporate networks, but also be accessible >> to >>> an average user who wants to check what information of theirs has been >>> leaked. It's a passion project of mine and have been working on it for >>> several months already. We have several terabytes of data and good >>> attention from the infosec community. >>> >>> Anyway, sorry for the brain dump above, but I suppose I should mainly >> ask - >>> where do I go from here? Do I simply ask this mailing list if there is a >>> sponsor and champion willing to bring this in as a podling? >>> >>> Thanks! >>> Alex >>> >>> >>> >>> -- >>> ___ >>> >>> Alejandro Caceres >>> Hyperion Gray, LLC >>> Owner/CTO >> >> >> >> -- >> Matt Sicker >> >> - >> To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org >> For additional commands, e-mail: general-h...@incubator.
Re: New Project?
I'm a little unclear about the scope of the project here. This project looks more like a service, and I don't know of any ASF projects that exist to provide services outside the ASF. On Tue, 2 Jul 2019 at 14:28, Alejandro Caceres wrote: > > Hey Folks, > > I'm interested in submitting a project as a seedling and am looking exactly > where to start. The project is already off the ground, being used by many, > is stable, reasonably mature (it's in alpha release), open source, and > already Apache licensed. I've been looking at a lot of resources to how > best to submit this to Apache and from what I understand I need to: > > Find a "champion/mentor" for the project and a "sponsor" -> submit an > incubator application -> wait (or do i submit for a vote on general@?) -> > ... -> profit :) > > For a bit more context, my project is http://scylla.sh or > https://github.com/acaceres2176/scylla. This project aggregates and makes > searchable database leaks and other information security data that is easy > for attackers to find (they have blackhat and underground resources) but > difficult for security professionals trying to defend their network (they > cannot buy stolen data, are not plugged into the blackhat hacker community, > and frankly generally don't know "where to start"). The Scylla engine aims > to even the playing field by making this data available and completely free > for everyone. The feed is meant to power threat intelligence engines to aid > in the defense of both large corporate networks, but also be accessible to > an average user who wants to check what information of theirs has been > leaked. It's a passion project of mine and have been working on it for > several months already. We have several terabytes of data and good > attention from the infosec community. > > Anyway, sorry for the brain dump above, but I suppose I should mainly ask - > where do I go from here? Do I simply ask this mailing list if there is a > sponsor and champion willing to bring this in as a podling? > > Thanks! > Alex > > > > -- > ___ > > Alejandro Caceres > Hyperion Gray, LLC > Owner/CTO -- Matt Sicker - To unsubscribe, e-mail: dev-unsubscr...@community.apache.org For additional commands, e-mail: dev-h...@community.apache.org
Re: Volunteers wanted: Hackathon organization at ApacheCon Berlin 2019
Hi, Gris. Thanks for including me in the thread! I am definitely interested in being part of the general organization as an extra pair of Berlin-based hands. About specific initiatives, it would be great to partner up with Aizhamal to do something around documentation! I also took the time to discuss internally the possibility of a Flink Hackathon, but October will be a bit sketchy with Flink Forward in the horizon. We can discuss the feasibility of this if there is agreement that it would be a valuable initiative. Marta On Wed, Jun 26, 2019 at 8:13 PM Griselda Cuevas wrote: > I'm cc'ing folks who might be able to help prepare some project specific > hackathons. Maybe some of them would even be interested in helping with the > general organization? > > Alex, David, Matthias & Max - would you be interested in driving a Beam > Hackathon? > > Aizhamal & Marta, any interest in hosting a documentation hackathon? > > David, Aizhamal, any interest in an Airflow hackathon? > > On Wed, 26 Jun 2019 at 07:38, Myrle Krantz wrote: > >> Hey everyone, >> >> Much like for Las Vegas, I'm hoping we can find a volunteer or two who is >> interested in helping to make the hackathon in Berlin awesome. >> >> Is anyone interested in assisting here? >> >> To quote Rich: >> >> "I need 1 to 3 volunteers to own the Hackathon for ACNA. >> >> The Hackathon has long been a central part of ApacheCon. However, the >> success of the hackathon waxes and wanes over the years, due largely to >> whether someone steps up to drive it. >> >> The hackathon has multiple intertwined purposes: >> >> * Attract and mentor new committers >> * Strengthen personal bonds within project community >> * Foster cross-project cooperation >> * Knock out difficult bugs/features/documentation projects >> >> For this to be successful, the following things need to happen >> >> * Projects need to know about it >> * They need to prepare ahead of time. In particular, they need to think >> about what they will be working on >> * The plan (ie, what we'll be working on) must be promoted both within >> the project (so that core project members show up prepared) and outside >> (so that curious people show up and play along) >> * There needs to be great signage on-site, and we need to mention it at >> every plenary >> >> To this end, I need someone(s) to step up to own this. I do not have >> time to be the point person on this. >> >> I need someone who cares about building project communities, is >> enthusiastic about working directly with projects to build their >> hackathon plans, and who plans to attend ACNA to do the on-site stuff >> necessary to support the above. I need someone who is willing to take >> the reins on this and drive it without much direction from me or anyone >> else, and just report back periodically on progress. >> >> Please let me know if you are willing to lead this effort. Thank you." >> >> Thanks, >> Myrle Krantz >> Conference Chair, ApacheCon Berlin 2019 >> The Apache Software Foundation >> >
