[Zeek] Use cases of Bro for Threat hunting
Chris Walsh
chris at cwalsh.org
Mon Jul 22 10:02:04 PDT 2019
One useful source might be Liam Randall’s training materials, which you can find at https://github.com/LiamRandall
An example of identifying and tracing the behavior of specific malware samples is https://github.com/LiamRandall/BroMalware-Exercise
Additionally, some of the presentations at BroCon 2017 went into detail about identifying/analysing specific real-world threats: https://www.zeek.org/community/brocon2017.html
Chris
> On Jul 22, 2019, at 8:06 AM, Amber Graner <akgraner at corelight.com> wrote:
>
> Hania,
>
> Here's a link to some use case examples - https://docs.zeek.org/en/stable/examples/
>
> I'm sure others on the list can point you to more specific use cases.
>