8 October 2019 - Pre-conference Training

(Training slides available for attendees only)

Intro to Zeek, Keith Leighigh, Indiana University

Making Sense of Encrypted Traffic, Matt Bromely and Aaron Soto

9 October 2019 - ZeekWeek Day 1 - Sessions

Opening Remarks, Keith Lehigh, Indiana University (Slides)

Keynote: The Threats are Changing, So are We as Defenders, Freddy Dezeure, Founder and former Head CERT-EU (Slides)

eZeeKonfigurator: Web Frontend for the Config Framework, Vlad Grigorescu, ESnet (Slides)

BZAR – Bro/Zeek ATT&CK-based Analytics and Reporting, Mark Fernandez, Lead Cybersecurity Engineer The MITRE Corporation (Slides)

Run, Zeek, Run!, Jim Mellander, Cybersecurity Engineer, ESnet (Slides)

DNSSEC Protocol Parser - A Case Study, Fatema Bannat Wala, Security Engineer, University of Delaware (Slides)

Profiling in Production, Justin Azoff, Corelight (Slides)

Identifying Small Heavy-Hitter Flows Using Zeek to Optimize Network Performance, Jordi Ros-Giralt, Managing Engineer, Reservoir Labs (Slides)

10 October 2019 - ZeekWeek Day 2 - Sessions

7 Years with Zeek on Commodity Hardware, Michal Purzynski. Engineer, Mozilla Corporation (Slides)

Zeek 3.0.0 and beyond, Robin Sommer, Corelight, CTO and Co-Founder (Slides)

Baseline the Network with Zeek, Adam Pumphrey, Consultant, Nimbus LLC (Slides)

Without U There is No CommUnity, Amber Graner, Zeek Community Director, Corelight (Slides)

Zeek - Incident Response and Beyond, Aashish Sharma, Lawrence Berkeley National Lab (Slides)

Encrypted Things: Network Detection and Response in an Encrypted World, TJ Biehle, Sr. Technical Account Manager, Insight (Slides)

Lightning Talks (Various presenters):

• Zeek Based IPS (Slides)
• Challenge: Zeek on a large amount of low power sensors, Alex Bortok (Slides)
• Using BRO [Zeek] to tattle on other tools, Patrick Cain, The Cooper-Cain Group. Inc. (Slides)
• Contributing to Zeek (How to do a Pull Request), Tim Wojtulewicz, Corelight (Slides)
• Dynamite-NSM, Open-source project for network traffic analysis with Zeek, Suricata, Flow Data and ELK, Oleg Sinitsin, Dynamite.AI (Slides)
• eZeeKonfigurator - notice config, Michael Dopheide, ESnet (Slides)
• How I became a Zeeker & Why I Zeek, Jeff Atkinson (Slides)

Using Zeek for SSL Research, Johanna Amann, Senior Researcher, ICSI / Corelight / LBL (Slides)

11 October 2019 - ZeekWeek Day 3 - Sessions

New Implementation of Zeek Dictionary to use Less Memory, Jason Lu, Senior Staff Software Engineer, Gigamon (Slides)

Introduction to Zeek Script Writing, Seth Hall, Corelight, Chief Evangelist and Co-Founder (No slides were used for this talk; live scripting)

Visualizing, Analyzing and Filtering Zeek Events using a Graphical Frontend and OpenGL, Nick Skelsey, Security Engineer, Secure Network (Slides) (Demo Vids)