Zeek Reviews

Zeek Description

Zeek (formerly Bro), is the world's most popular platform for network security monitoring. Flexible, open-source, and powered entirely by defenders. Zeek has a long track record in the open-source and digital security industries. Vern Paxson started the project under the name "Bro" in the 1990s to help him understand the activities at his university and national lab networks. In late 2018, Vern Paxson and the leadership team of the project renamed Bro and Zeek to celebrate its growth and continued development. Zeek is not an active security device like a firewall, intrusion prevention system, or intrusion detection system. Zeek is a "sensor", a hardware, cloud, or software platform that quietly and inconspicuously monitors network traffic. Zeek interprets what it sees, creates compact, high-fidelity transaction records, files content, and customizes the output. This can be used for manual review on disk, or in an analyst-friendly tool such as a security and event management (SIEM), system.

Pricing

Pricing Starts At:

Free

Free Version:

Yes

Integrations

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

The Zeek Project

Year Founded:

1994

Headquarters:

United States

Website:

zeek.org

Media

Product Details

Platforms

Linux

Type of Training

Documentation

Zeek Features and Options

Network Monitoring Software

Network Security Software

Zeek Lists

Blue Team Tools

Compare Zeek Against Alternatives

vs.

NCR Network & Security Services

Internet attackers can attack the IT infrastructure of large and small organizations, threatening your reputation as well as exposing your business and you to costly fines. How can you ensure your security protection is adequate to protect against these threats? It is difficult to identify the...

Compare
vs.

Sentinel IPS

A range of network security services that are affordable, including a Managed Net Detection & Response team, our unique Network Cloaking™, and CINS Active Threat Intelligence. Comprehensive managed security. This service is designed to support IT teams that are lean and allow them to get back to...

Compare
vs.

EventSentry

Hybrid SIEM solutions combine real-time log monitoring with comprehensive system and network monitoring to provide users with a complete view of their servers, endpoints, and networks. The security event log normalization and correlation engine with descriptive emails alerts provides additional...

Compare
vs.

Blesk

Blesk is the only solution that does all aspects of network monitoring from one machine. The solution is fast and easy to deploy, with a high ROI. It is the first industry-standard monitoring application to integrate Open Source monitoring technologies from around the globe in one, very...

Compare
vs.

RedSeal

All your network environments, public clouds, private clouds, on premises, are secured in one dynamic visualization. All four branches of military trust this visualization. It includes the most trusted financial institutions and power grid companies in the world, as well as mission-critical...

Compare
vs.

Nagios Network Analzyer

Network Analyzer gives administrators an in-depth view of all network traffic sources and possible security threats. This allows system administrators to quickly gather high-level information about the health of the network and highly granular data to complete and thorough network...

Compare
vs.

Trellix Endpoint Forensics

State-of-the-art signatureless detection and protection against advanced threats, including zero days, is what you can expect. Combine heuristics with code analysis, statistical analysis, machine learning, and emulation in one advanced sandboxing system. Frontline intelligence from the...

Compare
vs.

Splunk Enterprise

Splunk makes it easy to go from data to business results faster than ever before. Splunk Enterprise makes it easy to collect, analyze, and take action on the untapped value of big data generated by technology infrastructures, security systems, and business applications. This will give you the...

Compare

Similar Software

Sentinel IPS

A range of network security services that are affordable, including a Managed Net Detection & Response team, our unique Network Cloaking™, and CINS Active Threat Intelligence. Comprehensive managed security. This service is designed to support IT teams that are lean and allow them to get back to...

View Software
Suricata

Suricata can perform real-time intrusion detection (IDS), offline pcap processing (NSM), and inline intrusion preventions (IPS) on the network. Suricata analyzes network traffic using powerful rules and signature languages. It also has Lua scripting support to detect complex threats. With...

View Software
Blesk

Blesk is the only solution that does all aspects of network monitoring from one machine. The solution is fast and easy to deploy, with a high ROI. It is the first industry-standard monitoring application to integrate Open Source monitoring technologies from around the globe in one, very...

View Software
NCR Network & Security Services

Internet attackers can attack the IT infrastructure of large and small organizations, threatening your reputation as well as exposing your business and you to costly fines. How can you ensure your security protection is adequate to protect against these threats? It is difficult to identify the...

View Software
EventSentry

Hybrid SIEM solutions combine real-time log monitoring with comprehensive system and network monitoring to provide users with a complete view of their servers, endpoints, and networks. The security event log normalization and correlation engine with descriptive emails alerts provides additional...

View Software