Zeek Network Security Monitor
With company founders being active members of the Zeek-IDS community and a former developer of the commercial Zeek-based platform, Critical Path Security can advise and consult from a unique perspective.
The problem: Too many alerts. Too little context.
Missing an intrusion on your network is probably not because you don't have enough log data. It's more likely that you lack the necessary visibility into network traffic, or that the visibility you have is delivered in a form that's not actionable.
Platforms like Zeek-IDS can help solve those problems by not relying on static, atomic indicators to generate alerts. Zeek looks at traffic from a contextual point of view and alerts on correlated indicators of compromise.
Critical Path Security has a dedicated research team that develops wire-level behavioral detections for Bro/Zeek IDS. We have experience developing custom detections in diverse environments, including ICS & SCADA. Our red team brings network captures back from engagements to our lab, where we create detections based on the latest attacks our penetration testers are successfully executing.
Critical Path Security has extensive experience in consulting with organizations looking to go further than static analysis will allow.
"Cheers gentlemen, thank you for a flawless execution and delivery" - TM