Security News > 2024 > June > Zeek: Open-source network traffic analysis, security monitoring
Unlike an active security device such as a firewall, Zeek operates on a versatile 'sensor' that can be a hardware, software, virtual, or cloud platform.
This flexibility allows Zeek to quietly monitor network traffic, interpret it, and generate transaction logs, file content, and customized output.
These outputs are suitable for manual review on disk or in an analyst-friendly tool such as SIEM, providing a comprehensive view of network activity.
Key features Download. Zeek is available for free on GitHub.
Zeek is part of many package repositories, including various Linux distributions, FreshPorts on FreeBSD, and MacPorts / Homebrew on macOS. For Linux, binaries are available through the openSUSE Build Service.
The developers aim to publish a new Zeek release about every four months.
News URL
Related news
- Open source maintainers: Key to software health and security (source)
- Osmedeus: Open-source workflow engine for offensive security (source)
- Am I Isolated: Open-source container security benchmark (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Debunking myths about open-source security (source)
- AxoSyslog: Open-source scalable security data processor (source)