. https://www.lookingglasscyber.com/blog/zeek-based-security-detection-mitigation/
blog article
Today, there are many open-source software projects that provide incredible value to solving a myriad of problems for security detection and mitigation, but not all frameworks necessarily translate from conception into operation easily. Zeek is different. Rooted in 20 years of research,  Zeek, an open-source software project that can help security operations teams achieve more effective threat detection, bridges the gap between academia and operations. Zeek is a network analysis framework focused on network security monitoring based on over 20 years of research. Originally developed by Vern Paxson, Zeek is an open-source project maintained by ICSI Berkeley, CA and NCSA Urbane-Champaign, IL. Zeek should be considered a worthwhile security operations capability because of its ability to be used in a flexible and adaptable manner to provide complete visibility to all network application behaviors. READ MORE