- Course
Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations
Zeek is an open-source network security monitoring (NSM) tool. This course will teach you how to deploy Zeek at scale and how to use Zeek data for continuous monitoring, threat hunting, and incident response.
Intermediate
- Course
Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations
Zeek is an open-source network security monitoring (NSM) tool. This course will teach you how to deploy Zeek at scale and how to use Zeek data for continuous monitoring, threat hunting, and incident response.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
Cybersecurity professionals are tasked with defending networks against malicious attackers who are becoming more sophisticated and harder to detect. In this course, Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations, you'll learn how to deploy this tool to support network security operations. First, you’ll explore how to design a Zeek deployment for Enterprise Monitoring. Next, you’ll discover how Zeek can support Continuous Monitoring. Finally, you’ll learn how to use Zeek for Threat Hunting and Incident Response. When you’re finished with this course, you’ll have the skills and knowledge of using Zeek to rapidly identify indicators of compromise, security control deviations, and to actively pursue adversarial threats on a network.
Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations
Intermediate
Table of contents
-
Version Check | 15s
-
Configuring a Zeek Management Host | 1m 54s
-
Demo: Configuring a Zeek Management Host | 2m 29s
-
Developing a Sensor Strategy | 2m 44s
-
Connecting Zeek Workers to the Management Host | 2m 14s
-
Demo: Connecting Zeek Workers to the Management Host | 8m 8s
-
Working with the Filebeat Agent | 1m 30s
-
Shipping Zeek Data to a SIEM (ELK) | 5m 34s
Principal Engineer at SmashTheStack.org, Information Security Consultant and Pluralsight Author