F0rm4t · @F0rm4t
8 followers · 12 posts · Server infosec.exchangeSupercharging Defender for Endpoint with Zeek
The integration of Zeek into Microsoft Defender for Endpoint provides new levels of network analysis capabilities based on deep inspection of network traffic.
can now monitor inbound and outbound traffic with a novel engine that is capable of:
- Session Awareness
- Dynamic Protocol Detection
- Dynamic Scripting Content
#zeek #Corelight #microsoft #defender #microsoft365defender #xdr #edr #azure #windows #linux #network #udp #tcp #networkispection #networkbaseddetections #hunting
#zeek #Corelight #microsoft #defender #microsoft365defender #xdr #edr #azure #windows #linux #network #udp #tcp #networkispection #networkbaseddetections #hunting
F0rm4t · @F0rm4t
4 followers · 6 posts · Server infosec.exchange
Supercharging Defender for Endpoint with Zeek
The integration of Zeek into Microsoft Defender for Endpoint provides new levels of network analysis capabilities based on deep inspection of network traffic.
can now monitor inbound and outbound traffic with a novel engine that is capable of:
- Session Awareness
- Dynamic Protocol Detection
- Dynamic Scripting Content
#zeek #Corelight #microsoft #defender #microsoft365defender #xdr #edr #azure #windows #linux #network #udp #tcp #networkispection #networkbaseddetections #hunting
#zeek #Corelight #microsoft #defender #microsoft365defender #xdr #edr #azure #windows #linux #network #udp #tcp #networkispection #networkbaseddetections #hunting