BZAR Update - .zeek File Extensions and ATT&CK Sub-Techniques

Fernandez_Mark_I · October 11, 2020, 8:48pm

All –

New update to BZAR is available. Summary of changes is listed below. For more information, see the CHANGES file.

[09/29/2020] Renamed .bro scripts to .zeek
[10/09/2020] Renamed eight (8) ATT&CK® Techniques, according to the new ATT&CK Sub-Techniques nomenclature in the July 2020 (v7) release of MITRE’s Enterprise ATT&CK framework. Some techniques split apart into two or more sub-techniques. The new nomenclature is represented in BZAR-related entries in the Zeek Notice Log.

For the new version, use the Zeek package manager or download from the following URL: https://github.com/mitre-attack/bzar

Mark I. Fernandez

The MITRE Corporation

Topic		Replies	Views
UPDATE: Bro/Zeek ATT&CK-based Analytics and Reporting (BZAR), by MITRE Zeek	1	92	May 6, 2022
Bro/Zeek ATT&CK-based Analytics and Reporting (BZAR), by MITRE Zeek	6	266	May 6, 2022
BZAR Update - Config Options for Detection, Reporting, and Whitelisting Zeek	1	145	May 6, 2022
BZAR (Bro/Zeek ATT&CK-based Analytics and Reporting) Zeek	1	196	May 6, 2022
: Bro/Zeek ATT&CK-based Analytics and Reporting (BZAR), by MITRE Zeek	2	72	May 6, 2022