Packets don’t lie – Threat Hunting with Zeek
One of the methods to identify, process and gain visibility into a network is Network Security Monitoring (NSM). Zeek is an open-source, passive network security monitor. In this course we will use Zeek to analyse PCAPs and find badness.
Course Outline
In this course, participants should be able to:
– Gain an understanding of the value of Zeek in the context of Network Security Monitoring (NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs