Researching common vulnerabilities and best practices for securing Zeek deployments

Hello Zeek Community,

I am currently working on a project to identify potential vulnerabilities within Zeek images and understand best practices for securing Zeek deployments.

I would greatly appreciate it if you could share insights on the following:

What are the most common vulnerabilities or security concerns associated with Zeek deployments (e.g., specific versions, configurations, or integrations)?

Are there any known CVEs or publicly reported vulnerabilities that are particularly relevant to Zeek images or common use cases?

What are the recommended strategies or tools for scanning Zeek images for vulnerabilities?

What are the top security best practices or hardening guidelines you recommend for deploying and managing Zeek in a production environment?

Any guidance, resources, or personal experiences you can share would be incredibly helpful.

Thank you in advance for your time and expertise!