Corelight’s introductory guide to threat hunting with Zeek (Bro) logs

If you are considering Corelight and Zeek (formerly known as Bro), or are new to them, this guide will help you as part of a proof of concept for an initial deployment.

The guide consists of analyst questions that demonstrate how to use the data Zeek provides and show the value of a data-centric approach to Network Security Monitoring (NSM). Questions are organized by the location of instrumentation in the network.

Additionally, several threat hunting concepts are described to help deepen knowledge, especially for teams new to the practice.

Resource Details

Provided by: Corelight
Topic: Security
Format: PDF