Zeek
The world's leading platform for network security monitoring

Zeek (formerly Bro) is an open-source network security monitoring platform that passively analyzes network traffic in real-time. It captures high-fidelity transaction logs, file contents, and customizable data outputs suitable for integration into SIEM systems. Originally developed by Vern Paxson in the 1990s, the project is now supported by the broader open-source community and Corelight.
Zeek runs on a sensor that mirrors network traffic, analyzes packets in real-time, and outputs structured logs and data that can be reviewed manually or fed into SIEM platforms.
Security analysts and network defenders in enterprise, university, and government environments
Background.
- Status
- launched
- Business model
- open-source
- Company
- Corelight
- Launched
- 1990
Founders
- Vern Paxson
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.