Zeek Newsletter - Issue 19 - July 2022

Welcome to the Zeek Newsletter.


In this Issue:

  • TL;DR
  • Development Updates
  • Zeek Blog and Mailing List
  • Zeek in the Community
  • Zeek Package Updates
  • Zeek in the Enterprise
  • Upcoming Events
  • Zeek Related Jobs
  • Get Involved

TL;DR

Zeek 5.0.0 is here, and ZeekWeek 2022 will take place October 11-14 in Austin, Texas, USA. Abstracts for talk submissions must be submitted by August 17, 2022. Notifications will be sent by September 1, 2022. Please read on for more.


Development Updates

On July 5, Tim Wojtulewicz announced the release of Zeek 5.0.0. This is an LTS release.

See the release notes for details:

https://github.com/zeek/zeek/releases/tag/v5.0.0

Binary packages for the new release are available:

https://github.com/zeek/zeek/wiki/Binary-Packages

Updated source code is available:

https://zeek.org/get-zeek

https://download.zeek.org/zeek-5.0.0.tar.gz

Please try Zeek 5.0.0 and let us know what you find. There has been great discussion in the Zeek Slack about this release. Thank you to everyone who has participated.

On June 30, Benjamin Bannier announced the release of Spicy 1.5.0. See the NEWS file for a high-level summary, or the CHANGES file for a detailed list of changes.

https://github.com/zeek/spicy/blob/v1.5.0/NEWS.rst

https://github.com/zeek/spicy/blob/v1.5.0/CHANGES


Zeek Blog and Mailing List

Johanna Amann migrated the mailing list to a Discourse platform in late May. The site is available here:

https://community.zeek.org

If you create a new account with the same email address that you used with the previous mailing list, all your old posts will be assigned to you. Please let us know if you encounter any issues, either by Slack, email, or the site-feedback category on Discourse.

The old mailing list archives now redirect to this site:

https://community.zeek.org/archives/list/zeek@lists.zeek.org/

If you’d like to read the Leadership Team meeting notes, they are here:

https://github.com/zeek/zeek/wiki/LT-Meeting-Notes


Zeek in the Community

On July 6, Fatema Bannat Wala hosted a Zeek community call. The recording is here:

https://www.youtube.com/watch?v=GgJ9RS_Xe-0

The Zeek training team conducted a free community training session on May 20. Thank you to everyone who taught and participated, especially instructors Keith Lehigh, Fatema Bannat Wala, and Aashish Sharma. The entire 8 ½ hour session is live on YouTube:

https://www.youtube.com/watch?v=yBE4TrE6lhY

Keith and Fatema teach for the first 4 ½ hours. At the 4:32:15 mark, Aashish begins his scripting session. You can access the available training materials and artifacts here:

https://github.com/zeek/zeek-training


Zeek Package Updates

The following packages recently reported updates (as of July 18), via this search:

https://github.com/zeek/packages/pulls?q=is%3Apr+is%3Aclosed

check for spicyz in system before spicy-plugin in build_command
#186 by mmguero was closed 11 days ago

The packages.zeek.org site reported the last 5 updates as of July 18:

7/18/22, 3:22 AM bro-af_packet-plugin
7/18/22, 3:22 AM zeek-af_packet-plugin
7/17/22, 2:53 AM zeek-community-id
7/14/22, 7:28 AM spicy-ldap
7/13/22, 9:06 PM GQUIC_Protocol_Analyzer


Zeek in the Enterprise

On July 13, Seth Grover announced the release of Malcolm 6.1.0, with Zeek 5.0.0. Check out the release page on GitHub:

https://github.com/idaholab/Malcolm/releases

On July 7, Dominik Lohmann announced the release of Vast 2.1. Check out his post for details:

https://vast.io/blog/vast-v2.1


Upcoming Events

On June 9, Johanna Amann announced the call for presentations for ZeekWeek 2022. The project will hold the conference the week of October 11-14, in Austin, Texas, USA.

Abstracts for talk submissions must be submitted by August 17, 2022. Notifications will be sent by September 1, 2022.

See the post for more information:

https://zeek.org/2022/06/09/zeek-week-2022-call-for-presentations/

On July 14, Doug Burks provided details on the upcoming security conferences in the Augusta, GA, USA region in late September 2022, including Security Onion Conference 2022. See his post for more:

https://blog.securityonion.net/2022/07/registration-now-open-for-augusta-cyber.html

On September 28, Swapneel Patnekar will host a webinar for APNIC titled “Packets don’t lie – Threat Hunting with Zeek.” See this announcement for details:

https://academy.apnic.net/en/webinar-upcoming/packets-dont-lie-threat-hunting-with-zeek-98212583294

See https://zeek.org/events/ for other events.


Zeek Related Jobs

The following is a sampling of job opportunities that mention Zeek skills.

Senior CyberSec Architect
DTG Consulting Solutions, Inc. New York, NY
https://www.linkedin.com/jobs/view/senior-cybersec-architect-at-dtg-consulting-solutions-inc-2917242421

Security Engineer
Criterion Systems North Las Vegas, NV
https://www.linkedin.com/jobs/view/security-engineer-at-criterion-systems-3173082093

Cyber Threat Hunter, Senior
Booz Allen Hamilton Seattle, WA
https://www.linkedin.com/jobs/view/cyber-threat-hunter-senior-at-booz-allen-hamilton-3028113349

For more, see https://www.linkedin.com/jobs/search/?geoId=103644278&keywords=zeek


Get Involved

If you have any comments or material for the newsletter, please email news@zeek.org or join the #news Slack channel.

https://zeekorg.slack.com

The Slack channel has been very active during the past month. Here is an invitation link:

https://join.slack.com/t/zeekorg/shared_invite/zt-12z1pjy93-zuVGuT1BF~yUJJvERxhp7g

Stay up to date by subscribing to the Zeek mailing list:

https://community.zeek.org

Follow us on Twitter:

https://twitter.com/Zeekurity

Subscribe to our video channel:

https://www.youtube.com/channel/UC1K5-MWaM1XZcEFPCMrmNMw

See you next time!