Packets don’t lie – Threat Hunting with Zeek
One of the methods to identify, process and gain visibility into a network is Network Security Monitoring(NSM). Zeek is a passive network security monitor and is Open Source. In this course will use Zeek to analyse PCAPs and find badness.
In this course, participants should be able to
– Gain an understanding on the value of Zeek in the context of Network Security Monitoring(NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs