Zeekurity Zen – Part IX: How To Update Zeek

Zeekurity Zen – Part IX: How To Update Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

cool tools, how-to, incident response, information security, network security monitoring
-
by
-
0 Comments
Zeekurity Zen – Part VIII: How to Send Zeek Logs to Elastic

Zeekurity Zen – Part VIII: How to Send Zeek Logs to Elastic

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

how-to, incident response, information security, network security monitoring
-
by
-
8 Comments
Zeekurity Zen – Part VII: Zeek To Understand Encryption

Zeekurity Zen – Part VII: Zeek To Understand Encryption

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

how-to, incident response, information security, network security monitoring
-
by
-
10 Comments
Zeekurity Zen – Part VI: Zeek File Analysis Framework

Zeekurity Zen – Part VI: Zeek File Analysis Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

how-to, incident response, information security, network security monitoring
-
by
-
2 Comments
Zeekurity Zen – Part V: Zeek Intelligence Framework

Zeekurity Zen – Part V: Zeek Intelligence Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

how-to, incident response, information security, network security monitoring
-
by
-
4 Comments
Attacking The BlueKeep

Attacking The BlueKeep

R-C-E, It’s Easy as R-D-P On May 14, 2019, Microsoft published a security advisory regarding a critical remote code execution (RCE) vulnerability (CVE-2019-0708) affecting Remote Desktop Services (RDP) on older versions of Windows including XP, Vista, 7 and Server 2003/2008. Windows 8 and 10 are 

how-to, incident response, information security, vulnerability management
-
by
-
3 Comments
Zeekurity Zen – Part IV: Threat Hunting With Zeek

Zeekurity Zen – Part IV: Threat Hunting With Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to 

how-to, incident response, information security, network security monitoring
-
by
-
4 Comments
Zeekurity Zen – Part II: Zeek Package Manager

Zeekurity Zen – Part II: Zeek Package Manager

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Now we’ll introduce the Zeek Package Manager to extend Zeek’s functionality with packages 

how-to, incident response, information security, network security monitoring
-
by
-
25 Comments