Zeek

zeek.orgLaunched 1990

The world's leading platform for network security monitoring

Visit
Zeek screenshot
/ About /

Zeek (formerly Bro) is an open-source network security monitoring platform that passively analyzes network traffic in real-time. It captures high-fidelity transaction logs, file contents, and customizable data outputs suitable for integration into SIEM systems. Originally developed by Vern Paxson in the 1990s, the project is now supported by the broader open-source community and Corelight.

/ How it works /

Zeek runs on a sensor that mirrors network traffic, analyzes packets in real-time, and outputs structured logs and data that can be reviewed manually or fed into SIEM platforms.

/ Who it's for /

Security analysts and network defenders in enterprise, university, and government environments

/ More info /

Background.

Status
launched
Business model
open-source
Company
Corelight
Launched
1990

Founders

  • Vern Paxson
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.