appalachian
deleware
indiana
ohio

Learn how top network security pros use Zeek to defend campus networks.

Corelight assembled a panel of top network security professionals from universities across the United States to speak about their own Zeek deployment architectures and security use cases. Learn from the pros!

Join the data-first revolution in network security design.

Leading security organizations use Zeek as the foundational layer in a network architecture that provides complete, actionable network visibility that can be deployed in any network environment and centralizes data in a common repository (e.g., a SIEM).

Compared to network architectures where visibility is limited and decentralized, this data-first design pattern can dramatically accelerate security operations and analytics. Learn how.

government-security-stack

Corelight Sensors make it easy to deploy and manage Zeek, at scale.

Monitor your Science DMZ.

education-elephant
elephant

The Corelight AP 3000 Sensor can shunt large, long-lived elephant flows (e.g., video files) using a hardware NIC on the box—so you can scale beyond 25 Gbps. Learn more.

Graduate to enterprise-grade Zeek:

government-splunk
elastic
enterprise-bitcoin
enterprise-icon-target
  • Manage sensor configurations and monitor key health metrics via an intuitive web interface
  • Out-of-the-box integration with your favorite tools, like Splunk, Elastic, Kafka and more...
  • Activate Corelight-verified Zeek packages with one click for additional traffic insights, like cryptocurrency mining activity alerts
  • Easily filter out unneeded Zeek logs to control traffic volumes to your SIEM
  • And more

See why Corelight and Zeek earn stellar marks:

CSO Magazine reviewed Corelight Sensors and called them a network security person’s dream, noting that Corelight "transforms network data adding value and detail that you won’t get anywhere else." Read more.

Case Study

This university created custom threat detections with Zeek.

When server and firewall logs left critical visibility gaps, this university turned to Zeek logs as their primary source of network visibility and wrote custom scripts to track behaviors like known-C2 server communications and port scanning to root out attacks.

Download case study

corelight-ccs-research-university