by Richard Bejtlich | Dec 10, 2021 | community, Newsletter
Issue 14 – November 2021. Welcome to the Zeek Monthly Newsletter! In this Issue: TL;DR, Development Updates, Zeek Blog and Mailing List, Zeek in the Community, Zeek Package Updates, Zeek in the Enterprise, Upcoming Events, Zeek Related Jobs, Get Involved. TL;DR: The big...
by Richard Bejtlich | Dec 6, 2021 | community, Zeek in Action
In this episode of Zeek in Action, Richard examines the four types of network security monitoring data: 1) full content data (“PCAP”), 2) transaction logs, 3) extracted content, and 4) intrusion detection system (IDS) alerts. He uses the online tool...
by Richard Bejtlich | Nov 5, 2021 | community, Newsletter
Issue 13 – October 2021. Welcome to the Zeek Monthly Newsletter! In this Issue: TL;DR, Development Updates, Zeek Blog and Mailing List, Zeek in the Community, Zeek Package Updates, Zeek in the Enterprise, Upcoming Events, Zeek Related Jobs, Get Involved. TL;DR: ZeekWeek...
by Richard Bejtlich | Apr 14, 2021 | community, Zeek in Action
The first video examining network traffic using Zeek and related applications is now available. This episode looks at a suspected malware compromise, posted by Brad Duncan on his Malware Traffic Analysis site. We use Brim to create Zeek and Suricata logs from a packet...
by Richard Bejtlich | Apr 6, 2021 | community, Zeek in Action
Welcome to Zeek in Action, a new series of videos for Zeek users and fans. The purpose of the series is to show how analysts can interpret data in Zeek and related formats to solve various networking challenges. The focus will mainly be on security use cases, but we...