Zeek Insights | Sumble

What is Zeek?

Zeek (formerly known as Bro) is a powerful network analysis framework. It provides a comprehensive platform for network security monitoring, enabling real-time analysis of network traffic. Zeek is often used for intrusion detection, anomaly detection, and security research, and is valued for its ability to provide deep insights into network behavior beyond simple signature-based detection. It parses network traffic and uses event-based language for customized analysis.

Find organizations using Zeek on Sumble →

What other technologies are related to Zeek?

Zeek Competitor Technologies

Suricata

Suricata is an open-source network intrusion detection system (NIDS), intrusion prevention system (IPS) and network security monitoring engine. It competes with Zeek in the network security monitoring space.

mentioned alongside Zeek in 39% (1.1k) of relevant job posts

Snort

Snort is another open-source network intrusion detection system that competes with Zeek in the network security monitoring space.

mentioned alongside Zeek in 8% (393) of relevant job posts

Corelight

Corelight provides commercial network sensors based on Zeek. They offer a commercial version of Zeek, effectively competing with the open source offering and other NSM tools.

mentioned alongside Zeek in 23% (56) of relevant job posts

Zeek Complementary Technologies

Arkime

Arkime (formerly Moloch) is an open source, large scale, full packet capturing, indexing, and database system. It can be used with Zeek for enhanced network traffic analysis.

mentioned alongside Zeek in 61% (111) of relevant job posts

Logstash

Logstash is a data processing pipeline that can be used to ingest and process Zeek logs for analysis.

mentioned alongside Zeek in 3% (491) of relevant job posts

YARA

YARA is a tool aimed at helping malware researchers to identify and classify malware samples. It can be integrated with Zeek to detect malicious activity.

mentioned alongside Zeek in 7% (190) of relevant job posts