Zeek
zeek.orgThe world's leading platform for network security monitoring
Securitynetwork-securityopen-sourceintrusion-detectiontraffic-analysissiemnidscybersecurity
About
Zeek (formerly Bro) is an open-source network security monitoring platform that passively analyzes network traffic in real-time. It captures high-fidelity transaction logs, file contents, and customizable data outputs suitable for integration into SIEM systems. Originally developed by Vern Paxson in the 1990s, the project is now supported by the broader open-source community and Corelight.
Problem
Security teams lack deep visibility into network activity and need a passive, high-fidelity monitoring tool that doesn't interfere with traffic flow.
For
Security analysts and network defenders in enterprise, university, and government environments
How it works
Zeek runs on a sensor that mirrors network traffic, analyzes packets in real-time, and outputs structured logs and data that can be reviewed manually or fed into SIEM platforms.
Business model
open-source
Status
launched
Company
Corelight
Launched
1990
Founders
- Vern Paxson