The Zeek Project is delighted to announce the schedule for ZeekWeek 2021, which will be an online-only event taking place 13-15 October. ZeekWeek is free, though registration is required.
ZeekWeek (formerly BroCon) is the most important community event for users, developers, incident responders, threat hunters and architects who rely on the open-source Zeek network security monitor as a critical element in their security stack.
Our three-day event will include training, two keynote speakers, 20 talks, and a CTF (Capture the Flag) exercise. More information about all talks can be found on the Zeek website.
13 October 2021 – Day 1: Training (8:00am – 4:30pm, Pacific Time) (Wait list after 24 September 2021)
Training by the Zeek Project
- Introduction to Zeek
- Hands-on Zeek Scripting
Signing up for a training session after 24 September 2021 will place you on a waiting list. You will be contacted if a slot becomes available.
Training by Corelight and its Partners
- Corelight
- Humio
- Chronicle
- Devo
- Elastic
More information about Day 1 training can be found here.
14 October 2021 – Day 2: SOC Professional / Zeek User Track (9:00am – 2:00pm, Pacific Time)
- Welcome & Open Remarks
- Keynote – David Monnier
- DNS and Spoofed traffic investigation with Zeek
- Using a Forest to Explore the Logs: Automation, Analytics and AI with Zeek Logs at UC Davis.
- BadRandom: A Survey of TLS Implementations
- Investigating Remote Desktop Protocols attacks using the Zeek observatory at UIUC/NCSA
- A Better Way to Capture Packets with DPDK
- Details for DPDK plugin development and performance measurement
- Kerberos-haters guide to Zeek Threat Hunting
- Stop missing critical data – How to architect in Hybrid architectures
- PacketTotal – A Community Service for Zeek-Based PCAP Analysis
- Zeek the truth, in the Cloud
More information about the Day 2 SOC Professional / Zeek User track can be found here.
15 October 2021 – Day 3: Developer / Zeek Roadmap Track (9:00am – 2:00pm, Pacific Time)
- Recap Day 2 & Overview of Day 3
- Keynote – Richard Bejtlich
- Roadmap & contribution how-to
- The new packet processing pipeline
- zkg templates
- Creating Zeek analyzer packages with Spicy
- Compiling Zeek scripts
- Build Zeek with static plugins included
- Lightning Talks
- Ask the speakers – Q&A
- Summary, Wrap-Up and Thank you’s
More information about the Day 3 Developer / Zeek Roadmap track can be found here.
14-15 October 2021 – Online CTF (Capture the Flag) Event
The online CTF event will take place on Day 2 and Day 3. Information on how to play will be sent to registered attendees prior to 13 October 2021.
Don’t forget; register today!
Haven’t been to a ZeekWeek event? Check out the 2019 and 2020 events.
You can find out more about Zeek and how you can connect and get involved with the community on zeek.org.