Zeek

Network monitoring platform with Zeek integration for traffic analysis

Centralized platform for managing and configuring Corelight Sensors

Analyzes encrypted network traffic without decryption for threat detection.

Analytics collection for Zeek-based NDR with threat detection & data controls

Selective packet capture linked to Zeek logs for investigation workflows

Network visibility solution for ICS/OT protocols and device monitoring

Detects command and control activity including C2 toolkits and tunneling.

IDS combining Suricata signature alerts with Zeek network evidence for context

Network security monitoring platform that transforms traffic into transaction logs

NDR platform providing MITRE ATT&CK coverage via Zeek network telemetry

Network sensor appliance for traffic monitoring using Zeek and Suricata

Transforms raw flow logs into enriched Zeek logs for threat detection.

Network detection and response platform with IDS, NSM, and threat intel.

Pattern matching library for strings against large lists of glob patterns

Open source network security monitoring tool for traffic analysis

A network forensics toolkit that transforms network traffic data into graph-based representations for interactive analysis and visualization through a web interface.

A Zeek-based protocol analyzer that parses GQUIC traffic to extract connection metadata and create fingerprints for detecting anomalous network behavior.

ZAT is a Python package that processes and analyzes Zeek network security data using machine learning libraries like Pandas, scikit-learn, Kafka, and Spark.

Zeek Remote desktop fingerprinting script for fingerprinting Remote Desktop clients.

Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.

Open source framework for network traffic analysis with advanced features.