Zeek Logo

Security Reporting

Security Reporting 

The project is eager to work with the community to resolve security vulnerabilities in Zeek. The project strives to address security concerns in a timely manner and to properly acknowledge the contributor(s). Follow these steps to report a vulnerability:

  • Please do not publicly disclose the vulnerability until the project has an opportunity to review and address the issue.
  • Email security@zeek.org with a description of the bug, the version of Zeek to which it applies, and any other necessary details to help diagnose the problem.
  • Please send one plain-text, unencrypted, email for each vulnerability you are reporting.
  • The Zeek development team will confirm receipt of the report within two business days. It may take additional time to correct the issue.
  • If an update is necessary the reporter will receive an acknowledgment in the Zeek distribution CHANGES file.

Please see Zeek’s security release process for more information on how we handle security issues.

 

Get Zeek
Downloads
Zeek GitHub
Add-on Packages
Try Zeek Online

Documentation
Feature Release
LTS Release
Dev Version
Dev Resources
FAQs

Community
Getting Started
Mastodon
Twitter
Youtube
Discourse
Slack
GitHub Issues
Security Reporting
Contact Us
Subgroups
Training

Events
Upcoming Events
Calendar
ZeekWeek 2024
Past Events

Blog

About About Zeek Leadership Team Code of Conduct Slack Guidelines Governance Framework Mission, Vision, Values