Malcolm Community Questionnaire
A little information goes a long way! We'd love to hear your feedback on how you use Malcolm (https://malcolm.fyi) and get your suggestions for future features and enhancements.
Are there any features, improvements or fixes in Malcolm you'd like to suggest?
Are there any network protocols you'd like to see Malcolm support? (We're particularly interested in OT protocols you're seeing in the wild.)
How did you learn about Malcolm?
Web search or search engine recommendation
GitHub search or recommendation
Conference
Blog or podcast mention
Friend or colleague
Other:
What types of networks do you monitor with Malcolm? (check all that apply)
IT (corporate, business) networks
OT (ICS, SCADA) networks
Home or personal networks
Other:
For what tasks do you use Malcolm? (check all that apply)
Incident response
Threat hunting
In production as a long-running installation
In a Security Operations Center (SOC)
Malware analysis
Capture the Flag events
As a learning tool
Monitoring home/personal network
Other:
If applicable, in what industry are you using Malcolm? (check all that apply)
Local government
Federal government
Critical infrastructure (elaborate sector in "Other...")
Military
Education
Health and medicine
Legal and financial
Manufacturing and distribution
Retail
Travel and transportation
Utilities
Computers, technology and software
Other:
What is your background/education as it relates to network monitoring? (check all that apply)
Cybersecurity operations (security analyst, engineer, administrator, consultant, etc.)
Cybersecurity research
Information technology
Computer science
Other:
What are Malcolm's "killer features" for you? (check all that apply)
Number of network protocols parsed
ICS/OT/IoT protocols parsed
Pre-built dashboards
Creating my own dashboards
Arkime
Integration of Zeek logs with Arkime
Access to packet payloads in Arkime
Dedicated network sensor appliance (Hedgehog Linux)
Automatic file extraction and scanning
Integration with intelligence feeds (e.g., STIX, TAXII)
Anomaly detection
Alerting
ISO installer for VM or bare metal installation
Use of Docker for deployment
Other:
What are your "pain points" when it comes to Malcolm? (check all that apply and elaborate in "Other...")
System resource requirements
Installation and configuration
Analysis learning curve
Documentation and examples
Unfamiliarity with platform (Docker or virtual machines)
Performance
Stability
Scalability
Missing protocol parsers
Missing other features
Other:
What other tools in the network monitoring space do you use (or have you used)? (check all that apply)
SIEM (specify in "Other...")
Security Onion
Wireshark
Zeek (formerly Bro)
Arkime (formerly Moloch)
Network Miner
GRASSMARLIN
Elastic Stack
Splunk
CLI capture tools (tcpdump / netsniff-ng / tshark / etc.)
Other:
Do you have any suggestions for ways to improve Malcolm's prebuilt dashboards? This could include the existing protocol-specific and general-purpose dashboards or any other dashboards, visualizations or analytics you think might be useful.
What's the base operating system you're using to run Malcolm? (check all that apply)
Linux
Windows
macOS
Other:
How are you running Docker?
Docker Community Edition
Docker Desktop
Virtual machine (using the Malcolm installer ISO)
Virtual machine (other)
Other:
How are you ingesting network traffic? (check all that apply)
Malcolm's pcap-capture Docker image is capturing with netsniff-ng or tcpdump
Hedgehog Linux is capturing and forwarding to Malcolm
I'm capturing the traffic manually and uploading PCAP files to Malcolm
Other:
Where in the world do you use Malcolm? (check all that apply)
North America
Central America / the Caribbean
South America
European Union
Eastern Europe
Middle East
Asia
Oceania
Africa
Other: