Welcome to the Zeek Newsletter.
In this Issue:
- TL;DR
- Development Updates
- Zeek in the Community
- Zeek in the Enterprise
- Friends of Zeek
- Upcoming Events
- Zeek Package Updates
- Get Involved
[TL;DR]
Zeek webinars continue. See Upcoming Events for details. Also check out the development update in the next section.
Registration is still open for the free two day Zeek workshop in Munich, Germany on 26-27 February 2025. Day 1 features technical presentations by the Zeek team and community. We’ll cover common use cases, recent releases, Zeek’s roadmap, and more. Day 2 offers optional, hands-on training by Zeek team members on Incident Response with Zeek and Writing Zeek Analyzers With Spicy. See this site for details:
https://zeek.org/workshop-muc-2025/
Development Updates
Christian wrote:
“We’re closing in on Zeek 7.1, the next feature release in Zeek’s current release cycle. Here’s a quick look at our planned release timeline.
Early next week the last planned 7.1 features will land in our master branch. We’re planning to fork the release branch and create RC1 on Friday, December 13 (yes, we believe in lucky numbers!). Given the upcoming holiday break and end of the year, we’re aiming to release 7.1 on January 6, to give our community ample time to test the release candidates.
As in past years, the 7.1 release will mark the end of updates to our past LTS line, 6.0.x. We’ll decide whether that series will receive a final patch release around the time of 7.1 finalization. We will likely do a patch release for 7.0 around the same time.
If you’re running Zeek clusters in production and would like to help us test our release candidates, we’d very much like to hear from you. While our testsuites cover much of Zeek’s functionality, we do rely on Zeek users and the testing subgroup for the final go-ahead for a release. If you’d like to join our testing subgroup, please get in touch on Slack.”
Tim released Zeek versions 6.0.9 and 7.0.4. These are bugfix and security releases.
https://download.zeek.org/zeek-6.0.9.tar.gz
https://download.zeek.org/zeek-7.0.4.tar.gz
See the release notes for details of the addressed bugs and security issues:
https://github.com/zeek/zeek/releases/tag/v6.0.9
https://github.com/zeek/zeek/releases/tag/v7.0.4
Binary packages for the new releases will also be available shortly:
https://github.com/zeek/zeek/wiki/Binary-Packages
For more information on release cadence, see:
https://github.com/zeek/zeek/wiki/Release-Cadence
Zeek in the Community
Seth published a new version of Malcolm. Please see the project site for details:
Zeek in the Enterprise
The recording of the 6 November webinar, How Zeek Helps Secure Open Science by Aaron J. Scantlin, is live here:
https://youtube.com/live/45DN9ilF8g4
The recording of the 13 November webinar, What’s in a Name – Hiding in Plain Sight by Brian Olson, is live here:
https://youtube.com/live/gEl5vZwNvfk
The recording of the 20 November webinar, Parsnip: Lowering the Barrier of Entry for Parser by Melanie Pierce, is live here:
https://youtube.com/live/gEl5vZwNvfk
Friends of Zeek
The Suricata project released version 7.0.7. Visit their site for details:
Upcoming Events
The next Zeek webinar, Zeek File Extraction and Automating Malware Analysis by Seth Grover, will take place on Wednesday 11 December 2024 at 1 pm ET. Register for free here:
https://us06web.zoom.us/webinar/register/WN_6CfZ3o3DRnuYE9o5G2sqwg
The next Training Group Call is 20 December at 12 noon ET. Here is the Zoom link:
<https://ESnet.zoom.us/j/6445948648>
Meeting ID: 644 594 8648
Passcode: Rockon!
The next Zeek Community Call is scheduled for 1 January at 1 pm ET but will likely be deferred to February due to the holiday. There is no need to register. Here is the Zoom link:
https://us06web.zoom.us/j/99882457331?pwd=WVZLRGtpbmx1V2FqSnlRT1FLRC9lQT09
Zeek Package Updates
Changes to packages are available via this search:
https://github.com/zeek/packages/pulls?q=is%3Apr+is%3Aclosed
The https://packages.zeek.org site reported the last 5 updates as of 2 June:
12/9/24, 4:15 AM shodan-zeek
11/25/24, 11:34 AM ssl-extensions
11/21/24, 1:51 PM zeek-perf-support
11/21/24, 8:55 AM zeekjs
11/20/24, 5:08 PM ja4
Get Involved
If you have any comments or material for the newsletter please email news@zeek.org or join the #news Slack channel.
Here is an invitation to the Slack channel:
https://join.slack.com/t/zeekorg/shared_invite/zt-12z1pjy93-zuVGuT1BF~yUJJvERxhp7g
Stay up to date by joining the Zeek Discourse:
Subscribe to our YouTube channel:
https://youtube.com/c/Zeekurity
Follow us on Mastodon:
https://infosec.exchange/@zeek
The old mailing list archives now redirect to this site:
https://community.zeek.org/archives/list/zeek@lists.zeek.org/
If you’d like to read the Leadership Team meeting notes, they are here:
https://github.com/zeek/zeek/wiki/LT-Meeting-Notes
Follow us on LinkedIn:
https://www.linkedin.com/company/zeekurity
To search LinkedIn for jobs mentioning Zeek skills, use this query:
https://www.linkedin.com/jobs/search/?keywords=zeek
See you next time!