The Bro Network Security monitor is now...

Security's best-kept open-source secret has a new name — Zeek. Read about the Zeek Project's reasons for the name change or watch the reveal.

Zeek and ye shall find!

Zeek logo Zeek logo

Security's best-kept open-source secret has a new name — Zeek. Read about the Zeek Project's reasons for the name change or watch the reveal.

Zeek and ye shall find!

What's Zeek / Bro?

It's the network data you wish you had.

When a security alert fires or when you have a problem to investigate, Zeek / Bro helps you find the problem—faster. It complements signature-based tools to help you rapidly trace complex events across multiple flows and protocols with ease, to quickly pinpoint and resolve security issues.

tracing logs

Zeek has a long, rich history that makes it one of network security’s most powerful tools.

Hear our CEO Greg Bell recount the story and growth of Zeek / Bro:

Highly-structured real time network data.

If your typical response to alerts involves digging through piles of PCAP files or trying to piece together data through thin NetFlow records, there’s a better way. It’s Zeek. Zeek / Bro generates a wide range of rich network information, including logs for:

  • conn
  • capture loss
  • dce rpc
  • dhcp
  • dnp3
  • dns
  • dpd
  • files
  • ftp
  • http
  • intel
  • irc
  • kerberos
  • modbus
  • mysql
  • notice
  • ntlm
  • radius
  • rdp
  • sftp
  • sip
  • socks
  • smb
  • smtp
  • snmp
  • ssh
  • ssl
  • tunnel
  • weird
  • x509

Top organizations use Zeek / Bro to:

Find rogue application deployments