"How Berkeley Lab Helped Develop One of the World's Most Popular Open-Source Security Monitoring Platforms"
In the 1990s, when Vern Paxson was a graduate student in the Network Research Group at Lawrence Berkeley National Laboratory (Berkeley Lab), he developed what is now known as Zeek software. He made this software at Berkeley Lab based on his Internet traffic research. It has become one of the most popular open-source security monitoring platforms in the world. Microsoft announced Zeek's integration into the Windows operating system in October 2022, which will help security teams gain better network visibility and respond more effectively to attacks. Zeek monitors network traffic, as well as records and stores the traffic details in a condensed format. It accomplishes this without interfering with network traffic, which is a requirement when transferring massive data sets generated by US Department of Energy (DOE) science projects. Then, security teams can use Zeek data to analyze potential attacks and gain further insight into network activity. Now, in an effort to enhance its own security systems with a strong and dynamic tool, Microsoft is integrating Zeek into a Windows endpoint security product. This article continues to discuss the Berkeley Lab origins of the Zeek software and its integration into the Windows operating system.