Intro to Zeek Scripting with Bricata


The goal of this course is to provide you with an introduction to Zeek (formerly Bro) the application and the programming language. While the logs Zeek produces natively can be extremely useful, its full value is realized through its scripting interface.

1 hour 24 minutes
Course Description

Bricata supplies network security solutions that deliver innovative next-generation intrusion prevention, advanced threat detection and analysis, and threat hunting, enabling large organizations to actively pursue and identify advanced, persistent, and coordinated attacks.

What is Zeek Scripting?

Zeek (formerly Bro) includes an event-driven scripting language that provides the primary means for an organization to extend and customize Zeek's functionality. Virtually all of the output generated by Zeek is, in fact, generated by Zeek scripts. It is almost easier to think of Zeek as an engine working behind the scenes, processing connections and generating events, while Zeek's scripting language is the medium through which we mere mortals communicate with it. A Zeek script effectively tells Zeek: should an event of a type we define occur, hand us the information about that connection so we can perform some function on it.

What is Bricata?

A specialized, component-based approach to today's attacks has left organizations with a stack of tools to manage that provide a patchwork of uncorrelated data, leaving penetrable gaps and inconsistent security policies. The Bricata platform provides organizations with process automation, streamlining operations with the most effective, affordable solution for situational awareness and proactive threat defense, reducing complexity, dwell time, and time to containment. Bricata's appliances offer a high-efficiency solution delivering innovative next-generation, full-featured intrusion prevention, advanced threat detection and analytics, and threat hunting. It is the only platform that integrates signature inspection, anomaly detection, and a malware conviction engine, with all three engines sharing the workload and expanding the scope and accuracy of attack detection.

Bricata's high-performance MX and GX hardware platforms provide the power necessary for visibility into high-speed networks, while Bricata's VGX virtual appliances provide the flexibility and ease of deployment that today's networks require.
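As an added illustration of the event-driven model described above (example code written for this page, not part of the Bricata course or the Zeek project), the script below hooks the connection_state_remove event that Zeek raises when a connection is torn down, keeps only connections that lasted longer than an assumed threshold, and writes them to a dedicated log stream. The module name DemoConn, the log path demo_conn, and the 10-minute threshold are assumptions chosen for the example.

```zeek
# Added example: a minimal Zeek script that registers an event handler
# and emits its own log. Module name, log path and threshold are assumptions.
module DemoConn;

export {
    # Register a new log stream ID for this module.
    redef enum Log::ID += { LOG };

    # Columns written to demo_conn.log (fields tagged &log are emitted).
    type Info: record {
        ts:         time     &log;
        uid:        string   &log;
        id:         conn_id  &log;
        duration:   interval &log;
        orig_bytes: count    &log &optional;
    };

    # Assumed threshold: only connections longer than this are logged.
    # &redef lets an operator override it from another script.
    const long_conn_threshold = 10min &redef;
}

# zeek_init fires once at startup; create the log stream here.
event zeek_init()
    {
    Log::create_stream(DemoConn::LOG, [$columns=Info, $path="demo_conn"]);
    }

# connection_state_remove fires when Zeek expires a connection's state,
# so the full duration and byte counts are available at this point.
event connection_state_remove(c: connection)
    {
    # Ignore short-lived connections; long-lived ones are what we want to review.
    if ( c$duration < long_conn_threshold )
        return;

    local rec = Info($ts=network_time(),
                     $uid=c$uid,
                     $id=c$id,
                     $duration=c$duration);

    # Bytes sent by the originator, if the endpoint record has them.
    if ( c$orig?$size )
        rec$orig_bytes = c$orig$size;

    Log::write(DemoConn::LOG, rec);
    }
```

Run it offline against a capture with `zeek -r trace.pcap demo_conn.zeek`; Zeek writes demo_conn.log alongside its standard logs, with one row per connection that exceeded the threshold. The same pattern (declare a log stream, handle an event, filter, write a record) is the skeleton of most detection scripts, and swapping connection_state_remove for a protocol event such as http_request or dns_request changes only which data the handler receives.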

