Zeek SSL
- 04 Nov 2024
- 1 Minute to read
- Contributors
- Print
- DarkLight
Zeek SSL
- Updated on 04 Nov 2024
- 1 Minute to read
- Contributors
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Zeek's SSL (Secure Sockets Layer) log captures details about SSL/TLS sessions on a network, providing visibility into encrypted communications. This log is particularly useful for security analysis, as it reveals information about certificate usage, cipher suites, and connection properties, even if the actual data is encrypted. Zeek’s ssl.log helps monitor SSL/TLS traffic for unusual or potentially risky behavior, such as expired certificates, weak encryption, or unusual patterns in the frequency or duration of SSL sessions.
Was this article helpful?