Tool

BSides talks featuring Zeek

86 talks mention this tool across 33 BSides chapters.

Talks featuring Zeek

Open Source Malware Lab

BSides London · 2016

Technical DFIR Detection Engineering Malware Analysis Intermediary Blue Technical Deep-dives Talk

Open →2016-07

Security Onion: Peeling Back the Layers of Your Network in Minutes

BSides Augusta · 2013

Technical Tooling DFIR Detection Engineering Network Security Blue Demo Talk

Open →2013-09

Sweet Security: Deploying a Defensive Raspberry Pi

BSidesSF · 2016

Open →2016-04

Presenting Threat Intelligence Automation Using Jupyter

BSides Delaware · 2017

Open →2017-11

Offensive Anti-Analysis - Holly Williams

Open →2016-07

Threat Hunting On Linux And Mac With Auditbeat System Module

BSides Luxembourg · 2019

Technical DFIR Detection Engineering Blue Talk

Open →2019-11

Implementing a Kick-Butt Training Program: BLUE TEAM GO!

BSidesSF · 2019

Career Blue Talk

Open →2019-03

Open Source Approach: The Next Best Thing in Cyber Incidence Management

BSides DC · 2017

Open →2017-10

Detecting Malicious Websites using Machine Learning

Ajit Thyagarajan Andrew Beard

BSides DC · 2016

Research Technical Detection Engineering Network Security Talk

Open →2016-10

Hunt Or Be Hunted

BSides London · 2017

Technical Blue Talk

Open →2017-06

Threat Hunting with RockNSM

BSides KC · 2018

Technical Blue Talk

Open →2018-06

Machine Learning Fueled Cyber Threat Hunting

BSides Augusta · 2017

Open →2017-09

Threat Hunting by Dhruv Majumdar

BSides Edmonton · 2018

Open →2018-09

Eyeing the Onion

Brad Shoop Chris Rimondi

BSides Augusta · 2013

Technical Detection Engineering Network Security Blue Demo Talk

Open →2013-09

BSides Rochester 2018 - IoT Botnet Detection System using Machine Learning

Open →2018-04

January Presentation Security Data Analysis for the masses

Open →2017-01

"SSH, so hot right now. Profiling it with HASSH" - Ben Reardon & Adel Karimi

Ben Reardon Adel Karimi

BSides Canberra · 2019

Technical Detection Engineering Network Security Threat Intel Talk

Open →2019-05

Alex Kirk - Incident response and threat hunting using Bro/Zeek data

BSides Augusta · 2019

Technical DFIR Detection Engineering Threat Intel Intermediary Blue Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2019-10

A Novel SIEM Solution That Doesn't Cost An Arm And A Leg

BSides Lisbon · 2019

Open →2019-12

Boston BSides - Machine Learning for Incident Detection - Chris McCubbin & David Bianco

Open →2016-08

Post-Quantum Cryptography For 2025

BSides London · 2025

Technical Cryptography Talk

Open →2025-02

Netsec is Dead(?): Modern Network Fingerprinting for Real-World Defense

BSidesSF · 2025

Open →2025-06

Automating Event Log Production & Testing for SIEM Detection

BSides Augusta · 2017

Technical Detection Engineering Tooling Blue Talk

Open →2017-09

Network Reliability Monitoring for ICS – Going beyond NSM and SIEM

BSides DC · 2015

Open →2015-12

From Kali and a Couple of VMs to NextGen Home Lab - An Approach to Practice and Develop your Skills

BSides SATX · 2020

Open →2020-08

PG - From SOC to CSIRT - Ben Butz

BSides Las Vegas

Open →2017-08

Home Labs Without Hardware: Building in the Cloud

BSides Philly · 2020

Open →2020-12

Applying Data Science to Identify Malicious Actors in Enterprise Logs

Balaji Balakrishnan

BSides DC · 2016

Technical Detection Engineering Malware Analysis Threat Intel Blue Talk

Open →2016-10

BSidesIowa 2019 Reviewing PCAPS with Security Onion

Open →2019-04

Tony Lambert - Spotting Lateral Movement with Endpoint Data

BSides Augusta · 2019

Open →2019-10

BSidesSLC Live Stream

Open →2024-09

BSidesAugusta 2014 Mike Reeves - Scaling Security Onion to the Enterprise

BSides Augusta · 2014

Open →2014-09

VMs All the Way Down: Building an Inexpensive, Advanced Infosec Lab

BSides Delaware · 2016

Technical Tooling Intermediary Purple Talk

Open →2016-11

Patrick Perry & TJ Biehle - Encrypted Things - Network Detection and Response in an Encrypted World

Patrick Perry TJ Biehle

BSides Augusta · 2019

Open →2019-10

LOLS: Low-Level Shells — Weaponizing Ethernet for Command Control

Elysee Franchuk Mohnish Dhage

BSides Las Vegas

Technical Network Security Reverse Engineering Advanced Red Talk

Open →2024-09

IDS is dead, long live IDS

BSides Delaware · 2015

Open →2015-11

Build Yourself an Elastic Threat Hunting and Monitoring SIEM

BSides Huntsville · 2021

Open →2021-02

Emergency VPN: Analyzing Mobile Network Traffic To Detect Digital Threats

BSides Liverpool · 2019

Technical DFIR Mobile Security Network Security Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2019-07

Model Context Protocol (MCP): The Future of AI-Powered SOC Workflows

BSides SLC · 2026

Technical AI Security Detection Engineering Threat Intel Blue Talk

Open →2026-04

The Modern Defender's Toolbox: Low-Cost Solutions for High-End Defense

BSides Augusta · 2025

Technical Blue Talk

Open →2025-10

Press F to MOVEit: A quest to discover how a web shell appeared

BSides Charlotte · 2023

Technical DFIR Malware Analysis Web AppSec Intermediary Blue Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2023-09

Dale Lakes - Home Defense for an IoT Infested World

BSides Augusta · 2019

Open →2019-10

Robust Defense for the Rest of Us

BSides Las Vegas · 2017

Technical Detection Engineering Network Security Threat Modeling Blue Talk

Open →2017-08

Mike Reeves - Taking a Distributed Computing Approach to Network Detection with Bro and the cloud

Open →2015-09

Detecting Network Beaconing With Convolutional Networks And Zeek Logs by Ignacio Arnaldo

Ignacio Arnaldo

BSides Basingstoke

Technical Detection Engineering Network Security Threat Intel Intermediary Blue Technical Deep-dives Talk

Open →2024-03

PATRIOT: Perceiving Advanced Threats by Rogue Internet Of Things

Ajit Thyagarajan

BSides DC · 2017

Open →2017-10

DCO and Data Science: Best Friends Forever

BSides Augusta · 2022

Technical Blue Demo Talk

Open →2022-10

Detecting and analyzing fileless malware

Christopher Williams Evan Wagner

BSides Tampa · 2021

Technical Intermediary Blue Demo

Open →2021-04

Who are the people in your neighborhood? Tracking 'Shady' CIDR blocks

BSides Tampa · 2021

Open →2021-04

Under the Hood of Ransomware.live: Building an Open-Source Ransomware Observatory

Julien Mousqueton

BSides Bournemouth · 2025

Research Technical Malware Analysis OSINT Threat Intel Intermediary Case Studies and Incidents Analysis Empirical Research+1

Open →2025-09

ICS/SCADA Defense

BSides Augusta · 2014

Technical Blue Talk

Open →2014-09

Don't Panic! A Guide to Proactive Security for Small Businesses

Ryan St. Germain Clarissa Bury

BSides Charm · 2023

Technical GRC Threat Intel Tooling Blue Talk

Open →2023-05

Watching Kittens at Play: Dissecting an Iranian Nation State Interactive Intrusion

BSides SATX · 2022

Technical Blue Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2023-03

Linux Network Defence Evasion Techniques

BSides Newcastle

Technical Malware Analysis Network Security Red Talk

Open →2023-12

GT - Seek out new protocols, and boldly go where no one has gone before

BSides Las Vegas

Open →2024-09

Breakdown of Network IDS/IPS Choices

BSides Delaware · 2016

Open →2016-11

Patrick Perry - Exploit Kits Machine Learning

BSides Augusta · 2016

Open →2016-09

Wes Lambert - Augmenting the (Security) Onion: Facilitating Enhanced Detection and Response

Technical DFIR Detection Engineering Threat Intel Blue Talk

Open →2019-10

PG - Cut the Sh*t: How to Reign in Your IDS - Tony Robinson/da_667

BSides Las Vegas

Open →2016-12

Last Line of Defense Reliability Through Inducing Cyber Threat Hunting

Abdul Basit Ajmal

BSides Islamabad · 2021

Technical Threat Hunting Intermediary Red Technical Deep-dives Talk

Open →2022-05

I Thought I Saw a HAXOR

Thomas V. Fischer

BSides Amsterdam · 2017

Technical DFIR Detection Engineering Threat Intel Blue Talk

Open →2017-09

The NSM Ouroboros: Embracing The Endless Cycle Of Network Security Monitoring

BSides Leeds · 2023

Open →2023-07

PG - Catching Linux Post-Exploitation with Auditd - Eric Gershman

BSides Las Vegas

Open →2016-12

Martin Holste - Beyond Math Practical Security Analytics

BSides Augusta · 2016

Open →2016-09

Quick Picks from Bro/Zeek logs

BSides Delaware · 2018

Open →2018-11

My Cyber Sense Is Tingling! Detection Engineering With Free Tools

BSides SATX · 2025

Open →2025-09

Building a Sawmill: Processing Logs with Security Onion

BSides Peru · 2024

Technical DFIR Detection Engineering Threat Intel Blue Demo Talk

Open →2024-08

GT - Exploration of Novel Visualizations for Information Security Data - Roni Choudhury & Brian Wyli

BSides Las Vegas

Open →2017-08

Armadillo: A layered approach to portable security

Josh Rykowski Sean Eyre

BSides Augusta · 2018

Technical Demo Talk

Open →2018-11

Turbo Tactical Exploitation: 22 Tips for Tricky Targets

BSides Las Vegas 2025

Technical Network Security OSINT Vulnerability Research Red Talk

Open →2025-12

Tom Webb - Incident Response Awakens

BSides Augusta · 2016

Open →2016-09

Cyber Zoology: Protecting Your Network from New Breeds of Attacks with a Raspberry Pi

BSides Toronto · 2018

Open →2018-11

IDS/IPS Choices: Benefits, Drawbacks, and Configurations

BSides Augusta · 2016

Technical Detection Engineering Network Security Threat Intel Blue Talk

Open →2016-09

Catching More Files - Spotting the Adversary with Honey Techniques

BSidesROC · 2023

Open →2024-09

Forensics: We're Not Just Byte-Sized

BSides Basingstoke · 2025

Open →2025-09

PG - Maximizing Bro Detection - John B. Althouse

BSides Las Vegas

Open →2016-12

BG - A Better Way to Get Intelligent About Threats - Adam Vincent

BSides Las Vegas

Open →2016-12

Setting up an in-line Linux server in Azure for NIDS or packet caps

BSides Delaware · 2021

Technical Blue Talk

Open →2021-11

Emulate.Go: Adversary Emulation for CTI Analysts

BSides Toronto · 2020

Technical Detection Engineering Threat Intel Purple Demo

Open →2021-11

Unity Makes Strength

BSides Athens · 2017

Open →2017-10

Hunting Defense Against The Dark Arts

BSides Philly · 2017

Technical Blue Talk

Open →2017-08

Spotlight: Cybera

Open →2021-12

The Declarative Future

Technical Container Security Detection Engineering Web AppSec Keynote

Open →2021-05

Tony Drake Incident Response for the Overwhelmed, Understaffed, and Unprepared

Career DFIR Talk

Open →2021-08

BSidesCharm -2017 -Arming Small Security Programs: Network Baseline Generation and Alerts with Bropy

Open →2021-05

Current State of Virtualizing Network Monitoring

Ed Sealing Daniel Lohin

BSides Charm · 2017

Technical Detection Engineering Network Security Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2021-05