davehull / Kansa

A Powershell incident response framework
Apache License 2.0
1.56k stars 266 forks

Ketchum pull #202

Closed EagleOneJK closed 4 years ago

EagleOneJK commented 4 years ago

@athegist Ref our previous discussion. I apologize for the delay. Working through corporate processes to get all the right approvals took longer than expected. We have been approved to present our enhancements at the SANS DFIR Summit in Austin, TX this July. We would like to wait to merge changes into the master branch until that time. We'll have a presentation explaining the origins of these changes and how the features work. We made a significant effort to NOT impact existing functionality, so everything SHOULD be backwards-compatible. Admittedly we ONLY use our new Fire&Forget extensions, so we haven't run traditional Kansa jobs with this new code in ages. I'd be happy to work with you to help explain the logic behind the changes, and even do some limited demonstrations. I do have a Zoom pro account so we can set up a chat once you've had a chance to look at my (messy/terrible) code and try to make sense of it. Please reach out before making any decisions. I promise, the features we've added are really cool - I ran 3 Kansa jobs today against 150K+ endpoints each and did it in less than an hour each. We could have gone faster, but we slow-roll it to avoid overwhelming the network. :)

athegist commented 4 years ago

Let me put some time into reviewing and I'll follow up re: a Zoom session. Sound reasonable?

EagleOneJK commented 4 years ago

Sounds great. Thanks again for your assistance.

athegist commented 4 years ago

I'm about halfway through the files in the commit. Really impressed with the capabilities you've added. My review is not really a deep code review. Mostly looking to understand things at a high level and verify that there's nothing nefarious in the PR.

EagleOneJK commented 4 years ago

Thanks @athegist ! Appreciate your time/patience reviewing the code.

EagleOneJK commented 4 years ago

My talk is scheduled for 10am on July 16th. The slides will be posted on the SANS Summit portal shortly thereafter, and I'll be sure to send you a copy and a big shoutout. :) https://www.sans.org/event/digital-forensics-summit-2020/summit-agenda