Packets don’t lie – Threat Hunting with Zeek

One of the methods to identify, process and gain visibility into a network is Network Security Monitoring (NSM). Zeek is an open-source passive network security monitor. In this course we will use Zeek to analyse PCAPs and find badness.

Course Outline

In this course, participants should be able to:
– Gain an understanding of the value of Zeek in the context of Network Security Monitoring (NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs 

Course Material