You MUST register through Eventbrite to gain access to this session (Day 3)
Out of the box, Zeek comes with scripts for identifying malicious or suspicious traffic. These scripts are designed to be customizable to your environment, as "malicious" and "suspicious" are highly subjective. In this talk, we'll report on an emerging effort to migrate these to zkg packages. This provides a number of benefits, including faster iteration, a more community-driven feature set, explicit dependencies, and a more manageable codebase. To streamline this migration with consistent, maintainable, CI-enabled packages, we will also present a new open-source zkg package template authored by ESnet that lets script authors hit the ground running and avoid several potential pitfalls during package creation.
Slack Channel for this session - #vzw-day3-talk1-roadmap
Haven't joined the Zeek Slack space yet? You can do so at:
https://join.slack.com/t/zeekorg/shared_invite/zt-cgz9wa7p-BXihgVtZlmnRfHZXmUltZQ
Link to Session Survey - https://forms.gle/aFCTXniakuJGi7YN9 (this is part of the roadmap session number 15 on the survey)