Tuesday, November 19, 2019 

11:00 a.m. ET/ 8:00 a.m. PT

To conduct hunting operations, threat hunters need to make quick sense of their environment. Since nearly all attacks must cross the network, it’s an essential source of truth—yet common sources of network data such as Netflow records and DNS server logs provide minimal details and are difficult to correlate.
 

A better source of network data exists, however, in one of the industry's best-kept secrets: the open-source Zeek network security monitor. Zeek (formerly known as Bro) transforms raw network traffic into high-fidelity logs that comprehensively summarize network activity across more than 35 protocols at less than 1% the size of full traffic capture--perfect for enabling fast and easy search in SIEM solutions like Splunk.
 

Register for this webcast to hear from Roger Cheeks, Solution Engineer at Corelight, to learn how you can use Zeek logs in Splunk to answer critical questions and expand threat hunting capabilities.

Presenter
Roger Cheeks
Solution Engineer
Corelight
View Biography

Registration details:

By registering you are accepting our Privacy Policy and Terms of Use.

Our registration process uses cookies, by submitting this registration form you agree to our cookie policy.

(*) denotes required form field(s)

Submit