Join us on Wednesday, November 19th at 10am Pacific for the webinar “ Parsnip: Lowering the Barrier of Entry for Parser Development”.
The Speaker is Melanie Pierce from Idaho National Laboratory.
Abstract:
Spicy and BinPAC are robust languages that greatly aid developers in crafting protocol analyzers for Zeek. Spicy, in particular, has streamlined the process significantly over its predecessor, BinPAC, making it less daunting to develop network protocol analyzers. Yet, mastering Spicy’s relatively simpler syntax and tools still demands a considerable investment of time and effort. For seasoned developers who regularly build protocol analyzers, this is hardly a deterrent, as they can fully utilize the sophisticated capabilities of these languages. However, this complexity can deter others from attempting to build analyzers.
To address this challenge, the Cybersecurity & Infrastructure Security Agency (CISA) partnered with Idaho National Laboratory to develop and introduce Parsnip. This project aims to lower the entry barrier to creating analyzers by utilizing more accessible tools like a Graphical User Interface (GUI) and JSON. Parsnip provides a practical solution that covers 80-90% of the needs for an analyzer, which can either suffice in many scenarios or be refined further by a Spicy expert
Bio:
Melanie is a Cybersecurity Analyst at Idaho National Laboratory (INL). She joined INL in 2022. Melanie has a bachelor’s degree in Cybersecurity from Brigham Young University and is currently pursuing her master’s degree in computer science from Johns Hopkins University.
After joining INL, Melanie became involved in the efforts to secure critical infrastructure networks through the ICSNPP project and the Malcolm project. With the ICSNPP (Industrial Control Systems Network Protocol Parsers) project, Melanie develops Zeek parsers in Spicy and BINPAC to provide further visibility into critical infrastructure networks. These protocol parsers are incorporated into the Malcolm tool suite.
Melanie is passionate about simplifying security. Cybersecurity doesn’t need to be expensive or complicated. Melanie loves finding creative solutions to make the implementation of a basic security poster reachable, even among the smaller industries. Melanie is a strong believer in open-source software that benefits the entire community and wants to contribute to lasting impacts in critical infrastructure security.