The latest Zeek newsletter has a neat trick for analyzing multiple PCAP files in one go  

https://community.zeek.org/t/zeek-newsletter-issue-59-january-2026/7944#p-29641-zeek-techniques-3

#Zeek #NetworkSecurity #OpenSource

RE: https://infosec.exchange/@zeek/116014186286025272

What operational problems have you found hiding in your logs?

#Zeek #NetworkSecurity #OpenSource

Malcolm: A powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts

Check ✅️ it out:
https://github.com/idaholab/Malcolm

#cybersecurity #infosec #threathunting #suricata #zeek #pcapanalysis #networktrafficanalysis

🔧 Malcolm Integration
bash

# Malcolm's zeekctl.cfg or local.zeek
redef SSL::root_certs += {
["PolarProxy Root CA"] = "/opt/polarproxy/certs/rootCA.pem"
};

# In Malcolm's docker-compose.yml, ensure port mapping:
# zeek:
# ports:
# - "57012:57012/tcp" # For PolarProxy PCAP feed

30 protocols but what about hashcat - how many protocols now?

Hashcat Protocol Support Count - As of hashcat v6.2.6 (latest stable), here are the current protocol/hash mode counts:
Total Protocols/Hash Modes: 423+

(This number grows with nearly every release) #hashcat,net #zeek

If you've wanted to learn Zeek scripting but didn't know where to start, Evan put together a comprehensive tutorial covering the basics through building a real detection.

https://www.youtube.com/watch?v=nae8cdrUUKY

#Zeek #NetworkMonitoring #Infosec

The schedule for our workshop at CERN is coming together: https://zeek.org/workshop-cern-2026/schedule/

Register today and join us in Geneva next month 🇨🇭

#Zeek #OpenSource #NetworkSecurity #NetworkMonitoring #Infosec

New on the blog: JA4 fingerprints in Zeek. Install the package, configure it, start detecting. Learn more: https://zeek.org/2026/01/how-to-use-ja4-network-fingerprints-in-zeek/

#Zeek #OpenSource #NetworkSecurity #ThreatHunting #InfoSec

Want to write custom Zeek detections? Evan's scripting tutorial covers the basics - types, events, functions, and building a working script from scratch.

https://youtu.be/nae8cdrUUKY

#Zeek #NetworkSecurity #OpenSource #InfoSec

We just published a walkthrough explaining the change to ZeroMQ as the default cluster backend in Zeek 8.1. It's worth a watch if you're curious about why this change happened and how it works:
https://youtu.be/EeW_Oo-xNdQ

#Zeek #NetworkSecurity #OpenSource #InfoSec

Excited to share that Zeek 8.1 is live with major updates: better JavaScript support, WebSocket API enhancements, and ZeroMQ introduced as the default cluster backend  

Learn more: https://community.zeek.org/t/zeek-feature-release-8-1-0/7934

#Zeek #NetworkSecurity #OpenSource #InfoSec