CloudShark, a web-based packet analysis platform, provides valuable network insights faster with Zeek logs.
QA Cafe, a leading provider of innovative test and analysis software solutions for communication and information technology teams, today announced that CloudShark Enterprise, a secure packet analysis and management platform designed for increasing team efficiency, now supports the fast and powerful logging capabilities of Zeek. The integration associates traffic logs with the raw packet data within a beautiful user interface, giving users instant visibility into the underlying network traffic and enabling faster issue resolution.
CloudShark users can now benefit from instant access to Zeek logs when performing retrospective analysis across historical data without the need for additional software. CloudShark provides a seamless user experience with easy-to-navigate summary tables, filters, analysis view presets, and the ability to quickly pivot back to the pcap. With this level of network visibility, teams can protect the business by exposing strange network behavior, increase analyst productivity, and streamline incident response and security operations.
“CloudShark has always been about analyzing network issues faster through cataloging, collaboration, and adding context to packets,” said Zach Chadwick, Product Manager for CloudShark. “We believe in helping teams get access to the information they need to solve problems. Adding Zeek logs to CloudShark’s easy-to-use web interface is the next exciting step in our continuous evolution of packet analysis.”
Zeek (formerly Bro) is a passive network traffic analyzer. It is primarily a security monitor that inspects all traffic on a link for signs of suspicious activity, but can also be used to illuminate many different kinds of network behavior. It is a trusted tool used by today’s network and security experts. As an open-source project, Zeek is maintained by the leadership team at zeek.org and has a vibrant community expanding its capabilities through a scripting language optimized for network analysis.
CloudShark is a secure, modern platform empowering networking teams to collaboratively store, organize and analyze packet captures. Teams can quickly access packet capture history, safely open them on any device, and share analysis all through a web browser. By increasing collaboration across teams, CloudShark increases efficiency and company productivity.
CloudShark’s Zeek Logs analysis tool will be free to all active CloudShark systems as part of the 3.8 release. Companies interested in CloudShark Enterprise should contact sales@cloudshark.io and attend a special webinar session covering Zeek in CloudShark.