Zeek Training sub-group Meeting minutes - 02/18/22

Hi everyone,

Thank you for joining the sub-group meeting this morning. Appreciate the participation.
Please find below the meeting minutes from today’s meeting.

Let me know in case of any questions or issues.

Meeting Minutes:

  • Come up with more type definitions for Zeek Approved training (addition to Zeek Approved training FW) - what presentations/talks should be considered a “Training”.

  • Synchronous -

  • In person trainings

  • Level of training (Intro, intermediate, advance)

  • Async -

  • Self paced trainings - online (Pre-requisites)

  • Level of training (Intro, intermediate, advance)

  • Trainings to get Zeek Approved:

  • Virtually Testing trainings - ZeekU

  • Regular trainings for Zeek -

  • Intro to Zeek training - Get the feedback from Richard

  • Share the pre-reqs. for this training

  • Target audience - Security enggs./analysts…

  • Share the general outline with the audience.

  • Advance Zeek scripting - Reach out to Aashish for providing the training.

  • Other Training ideas:

  • Running Zeek in cluster - in production.

  • What to do with the data Zeek generates - threat hunting training.

  • Philip and Swapneel Volunteered for the training.

  • Terry working on NIST training involve with Zeek -

  • Have an outline of taxonomy

  • Come up with NIST related criteria for Zeek training.