Loading...
Zeek Agent is a free Endpoint Detection and Response tool. Security professionals most commonly compare it with BluSapphire OneAgent™, HarfangLab Cybersecurity Solutions. All 77 alternatives are matched by shared capabilities, tags, and NIST CSF 2.0 coverage.
A closer look at the 8 most relevant alternatives and competitors to Zeek Agent, including their key features and shared capabilities.
Prevention-first EDR stopping zero-day attacks, ransomware, and fileless malware
EDR platform with EPP capabilities for endpoint threat detection and response
Runtime security agent for IoT devices with AI-based threat detection
eBPF-based, AI-driven EDR for edge, containers, and critical infra.
Kernel-level runtime integrity verification using NSA-licensed technology.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Cutting-edge technology for developing security applications within the Linux kernel.
A free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware.
Prevention-first EDR stopping zero-day attacks, ransomware, and fileless malware
EDR platform with EPP capabilities for endpoint threat detection and response
Runtime security agent for IoT devices with AI-based threat detection
eBPF-based, AI-driven EDR for edge, containers, and critical infra.
Kernel-level runtime integrity verification using NSA-licensed technology.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Cutting-edge technology for developing security applications within the Linux kernel.
A free, open-source tool that uncovers persistently installed software on macOS, helping to generically reveal malware.
MIDAS (Mac Intrusion Detection Analysis System) - archived and no longer supported.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
A tool to locally check for signs of a rootkit with various checks and tests.
Open-source tool for monitoring macOS hosts with detailed system activity insights.
AI-powered endpoint protection, detection, and response platform
Multiplatform endpoint security with detection and response capabilities
Autonomous EDR preventing data theft, ransomware & identity theft attacks
AI-powered EDR solution for endpoint threat detection and automated response
EDR solution with Zero Trust architecture and AI-based malware detection
EDR solution with behavioral analytics and MITRE ATT&CK mapping
EDR solution with ransomware recovery, threat detection, and access control
AI-driven EDR for threat detection, response, and investigation on endpoints
Next-gen antivirus & EDR with pattern/behavior detection engines
EDR platform with automated cross-endpoint correlation and prevention-first approach
EDR solution for endpoint threat detection and response capabilities
AI-powered endpoint protection with integrated EPP and EDR capabilities
EDR solution for endpoint threat detection and response capabilities
EDR platform detecting and remediating endpoint threats with ML-based analysis
AI-based endpoint security with behavioral analysis and autonomous response
Enterprise endpoint protection platform with autonomous response capabilities
AI-powered endpoint protection platform with EDR and identity security
EDR and NGAV solution for endpoint threat detection, prevention, and response
AI-driven endpoint security with prevention, detection, and response capabilities
EDR solution with automated threat detection, remediation, and integrated NGAV
EDR solution with in-memory detection and machine learning capabilities
Managed EDR with 24/7 SOC for Windows, macOS, and Linux endpoints
AI-driven endpoint security platform with EDR, NGAV, and autonomous response
EDR+EPP solution for endpoint protection, threat detection, and response
Endpoint security platform with managed AV, EDR, and 24/7 MDR capabilities
Automated CrowdStrike EDR deployment & mgmt platform for macOS & Windows devices
Unified endpoint security platform with EDR, next-gen AV, and threat hunting
EDR solution for workstations and servers with attack detection capabilities
Behavior-based detection with proactive remediation capabilities for endpoints
AI-driven endpoint security platform with autonomous case management
Endpoint detection and response solution within HYPERSECURE IT platform
APIs for FireEye endpoint security management and monitoring operations
API for automating endpoint security actions and SIEM integrations
AI-driven ransomware detection, prevention, and recovery platform
Cloud-based EDR solution for threat detection and response across endpoints
Managed EDR solution with 24/7 SOC, AI-driven threat detection, and Zero Trust
Real-time endpoint threat investigation and incident response platform
EDR platform for APT threat hunting and ransomware prevention with MDR
EDR platform with integrated SIEM and SOAR for unified threat detection
Policy-based EDR solution monitoring endpoints for IoCs with automated responses
Endpoint security agent with ZTNA, EDR, and secure remote access capabilities
AI-driven endpoint protection platform for threat detection and response
Ransomware-specific detection tool for rapid identification of extortion attacks
AI-powered EDR detecting zero-day threats & APTs via behavioral analysis
Cross-platform EDR sensor for endpoint threat detection and telemetry.
Managed EPP, EDR, and patch management service for business endpoints.
On-premises/hybrid EDR with local threat detection, response, and NAC integration.
Unified endpoint control plane combining EDR, EPP, and XDR with NAC/ZTNA enforcement.
European EPP+EDR+ASM platform with IKARUS malware engine in a single agent.
Enterprise endpoint security platform with EDR, XDR, and risk analytics.
Endpoint utility for EDR/XDR alert validation and user phishing reporting.
Endpoint agent detecting in-memory malicious code execution on Windows.
AI-powered ransomware detection & response agent with pre-execution blocking.
AI-based on-device endpoint agent for DLP, insider threat, and AI security.
Enterprise endpoint security with EDR, anti-ransomware, and behavior blocking
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications.
OpenEDR is an open-source platform enhancing cybersecurity through real-time detection and analysis of cyber threats.
YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.
ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.
Doorman is an osquery fleet manager that allows administrators to remotely manage the osquery configurations retrieved by nodes.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
Monitor WMI consumers and processes for potential malicious activity
An Event Hub to gather, process, and monitor system events and link them to an inventory.
A Unix-based tool that scans for rootkits and other malware on a system, providing a detailed report of the scan results.
Common questions security professionals ask when evaluating alternatives and competitors to Zeek Agent.
The most popular alternatives to Zeek Agent include BluSapphire OneAgent™, HarfangLab Cybersecurity Solutions, Exein Runtime, AI EdgeLabs Host Platform Security, and Invary Runtime Integrity Solution. These Endpoint Detection and Response tools offer similar capabilities and are frequently compared by security professionals evaluating their options.
