Name: Zeek Network Security Monitor
Author: Open Source

Help Desk

Web and Video Conferencing

Customer Support

Bug  Tracking

WebOps

Development

Business Intelligence (BI)

Collaboration

Visual Collaboration

VoIP

Enterprise

Accounting

Finance and Accounting

Applicant Tracking

Corporate Learning Management

HR Management

On-Demand Payment

Payroll

Talent Intelligence

Talent Management

Workforce Analytics

Workforce Management

Human Resources

3D Printers

API Management

App Development

Browser

Cloud Storage

Component Content Management

Data Observability

Enterprise Architecture Management

Fraud Detection

Hosted Virtual Desktop

Hyper-Converged Infrastructure

Integration Platform as a Service (iPaaS)

Internet of Things (IoT)

Interoperability

MLOps

Network Access Control (NAC)

Network Performance Monitoring

Remote Support

Requirements Management

Security Awareness Training

Session Border Controllers

Voice Recognition

Web Application Firewalls

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Business Card Scanning

Content Management

Content Marketing

Digital Signage

Direct Mail Automation

Email Management

Email Marketing

Event Registration

Marketing Automation

Marketing Resource Management

Online Reputation Management

Search Marketing Intelligence

Social Media Management

Social Media Publishing

Survey & Forms Building

Web Analytics

Marketing

AI Meeting Assistants

Business Caller ID

Professional Services Automation

Project Management

Professional Services

Customer Relationship Management (CRM)

Sales Intelligence

Sales

Data Loss Prevention

Insider Risk Management

Security

Commercial Drone

Construction Accounting

HIPAA Compliance

Multiple Listing Service (MLS)

Smart Cities

Utilities

Vertical-Specific

Find top rated software and services based on in-depth reviews from verified users. 400+ software categories including PaaS, NoSQL, BI, HR, and more.

Palo Alto Networks Advanced Threat Prevention

Palo Alto Networks

Zscaler Internet Access

Zscaler

Snort

Cisco

Proofpoint Advanced Threat Protection

Proofpoint

SonicWall Capture Advanced Threat Protection (ATP)

SonicWall

Cisco Secure IPS

Trend Micro TippingPoint

Trend Micro

Security Onion

Security Onion Solutions, LLC

Cisco IPS Sensor (Discontinued)

Trellix Intrusion Prevention System

Trellix (FireEye + McAfee)

The Zeek Network Security Monitor is an open-source tool designed for comprehensive network security monitoring. According to the vendor, it enables organizations of various sizes, from small businesses to large enterprises, to analyze network traffic and detect potential security threats. Zeek is utilized by a wide range of professionals and industries, including security analysts, network administrators, incident responders, threat hunters, and security operations center (SOC) teams.

## Key Features

**Real-time Network Traffic Monitoring**: According to the vendor, Zeek passively observes network traffic in real-time, providing continuous monitoring to detect and analyze potential security threats. It captures and interprets network traffic to generate detailed logs and transaction records.

**Flexible and Customizable Framework**: Zeek offers a flexible framework that, according to the vendor, allows users to customize and extend its functionality. Users can create their own scripts and plugins to enhance Zeek's capabilities and tailor it to their specific needs. The framework supports the development of custom analyzers and protocols for in-depth network analysis.

**Comprehensive Network Protocol Analysis**: Zeek supports the analysis of various network protocols, including TCP, UDP, DNS, HTTP, FTP, and more. According to the vendor, it can decode and analyze network protocols to extract valuable information from network traffic. Zeek provides protocol-specific analyzers for deep inspection and analysis of network communication.

**Threat Detection and Intrusion Detection**: Zeek includes a set of built-in analyzers and detection scripts for identifying potential security threats. According to the vendor, it can detect and alert on various types of network-based attacks, such as port scans, malware infections, and suspicious behavior. Zeek's detection capabilities aim to help organizations identify and respond to security incidents in a timely manner.

**Traffic Analysis and Forensics**: Zeek generates detailed logs and transaction records that provide a source of information for traffic analysis and forensics. It captures network traffic data, including packet payloads, connection metadata, and file transfers, for further analysis. According to the vendor, Zeek's log files enable analysts to investigate network incidents, perform post-incident forensics, and gain insights into network activity.

**Integration with SIEM and Security Tools**: Zeek's output can be easily integrated with security information and event management (SIEM) systems. It can generate logs in various formats, such as JSON or CSV, which can be ingested by SIEM solutions for centralized analysis and correlation. According to the vendor, Zeek's compatibility with other security tools and platforms allows for seamless integration into existing security infrastructures.

**Network Performance Monitoring**: Zeek provides insights into network performance by monitoring network traffic patterns and statistics. It tracks network events, such as bandwidth usage, packet loss, latency, and throughput, to identify performance issues. According to the vendor, Zeek's performance monitoring capabilities aim to help organizations optimize their network infrastructure and ensure efficient network operations.

Zeek (formerly Bro) is a platform for network security monitoring that is available free and open-source.

Essentials

Standard

Premium

AlienVault USM

CrowdStrike offers the Falcon Endpoint Protection suite, an antivirus and endpoint protection system emphasizing threat detection, machine learning malware detection, and signature free updating. Additionally the available Falcon Spotlight module delivers vulnerability assessment with no performance impact, no additional agents, hardware, scheduled scans, firewall exceptions or admin credentials.

Falcon Pro

Falcon Enterprise

Falcon Go (Small Business)

CrowdStrike Falcon

Zeek Network Security Monitor

Intrusion Detection Systems (synonymous with Intrusion Prevention Systems, or IPS) are designed to protect networks, endpoints, and companies from more advanced cyberthreats and attacks. The systems aim to repel intruders or, failing that, reduce attacker dwell time and minimize the potential for damage and data loss.

Intrusion Detection

Open Source

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

Home

Intrusion Detection Systems

Zeek Network Security Monitor
Formerly Bro

Overview

What is Zeek Network Security Monitor?