The Power of Open-Source Zeek (formerly Bro)

  • Thursday, 01 Apr 2021 1:00PM EDT (01 Apr 2021 17:00 UTC)
  • Speaker: John Gamble

Open-source Zeek (formerly Bro) is one of network security's best-kept secrets. Deployed out-of-band by thousands of the world's top blue teams, Zeek transforms raw network traffic into rich protocol logs, extracted files, and custom behavioral insights. Zeek data provides 'rocket fuel' for incident responders and threat hunters alike so they can make lightning-fast sense of their traffic and track adversaries across port and protocol, even when it's encrypted.

This webcast will take beginner and intermediate Zeek-ophiles to the next level, while also covering a few advanced use cases for more experienced attendees. The discussion will include open-source deployment options, key SOC use cases, and specific demonstrations of how IR and hunting workflows in SIEMs can be accelerated with Zeek logs.

Register for this technical webcast to hear from John Gamble, Director of Product Marketing at Corelight, and learn about the fundamentals of how Zeek operates, key Zeek wins from leading blue teamers, and how you can get started using Zeek in your own environment.