The Power of Open-Source Zeek (formerly Bro)
Open-source Zeek (formerly Bro) is one of network securitys best kept secrets. Deployed out-of-band by thousands of the worlds top blue teams, Zeek transforms raw network traffic into rich protocol logs, extracted files, and custom behavioral insights. Zeek data provides rocket fuel for incident responders and threat hunters alike so they can make lightning-fast sense of their traffic and track adversaries across port and protocol, even when its encrypted.
This webcast takes beginner and intermediate Zeek-ophiles to the next level, while also covering a few advanced use cases for more experienced attendees. Content covered will include open-source deployment options, discussions of key SOC use cases, and specific demonstrations of how IR and hunting workflows in SIEMs can be accelerated with Zeek data.
Watch this technical webcast to hear from John Gamble, Director of Product Marketing at Corelight to learn about the fundamentals of how Zeek operates, key Zeek wins from leading blue teamers, and how you can get started with using Zeek in your own environment.
Corelight makes powerful network security monitoring (NSM) solutions that transform network traffic into rich logs, extracted files, and security insights, helping security teams achieve more effective incident response, threat hunting, and forensics. Corelight Sensors run on Zeek (formerly called “Bro”), the open-source NSM tool used by thousands of organizations worldwide. Corelight’s family of network sensors dramatically simplify the deployment and management of Zeek and expand its performance and capabilities. Corelight is based in San Francisco, California and its global customers include Fortune 500 companies, large government agencies, and major research universities.
