Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations
Zeek is an open-source network security monitoring (NSM) tool. This course will teach you how to deploy Zeek at scale and how to use Zeek data for continuous monitoring, threat hunting, and incident response.
Cybersecurity professionals are tasked with defending networks against malicious attackers who are becoming more sophisticated and harder to detect. In this course, Utilizing Zeek 4 in an Enterprise Environment or for Distributed Operations, you’ll learn how to deploy this tool to support network security operations. First, you’ll explore how to design a Zeek deployment for Enterprise Monitoring. Next, you’ll discover how Zeek can support Continuous Monitoring. Finally, you’ll learn how to use Zeek for Threat Hunting and Incident Response. When you’re finished with this course, you’ll have the skills and knowledge of using Zeek to rapidly identify indicators of compromise, security control deviations, and to actively pursue adversarial threats on a network.
Author Name: Michael Edie
Author Description:
Michael is a Senior Security Consultant with 10+ years of experience in the public and private sectors. He is a proactive and iterative cyber threat hunter specializing in detection engineering, DFIR, and automation. Michael has led teams and directed collaborative efforts to develop and implement strategies for mitigating evolving threat trends. He is the Founder and Principal Consultant of Sawbox Consulting, where he identifies and resolves security issues, implements solutions and evaluates s… more
Table of Contents
- Course Overview
1min - Designing a Zeek Deployment for Enterprise Monitoring
24mins - Using Zeek for Continuous Monitoring
37mins - Using Zeek for Defensive Cyber Operations
47mins
There are no reviews yet.