Packets don’t lie – Threat Hunting with Zeek

Thumbnail for post.

One of the methods to identify, process and gain visibility into a network is Network Security Monitoring(NSM). Zeek is a passive network security monitor and is Open Source. In this course will use Zeek to analyse PCAPs and find badness.   

Course Outline

In this course, participants should be able to

– Gain an understanding on the value of Zeek in the context of Network Security Monitoring(NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs 

Course Material