Zeek Community Survey - Cloud Security

Question Title

* 1. What are the Cloud Security threats / attacks that are most challenging for you to detect in your environment? Select all that apply.

IAM role credential access/theft

Escalation of IAM privileges

Data Exfiltration

Command and Control

Data encryption, ransomware

Other (please specify)

Question Title

* 2. What log sources do you routinely use for detection and investigation in the Cloud? Select all that apply.

API logs

Config logs

S3 access logs

VPC Flow logs

Load Balancer logs

Application logs

Other (please specify)

Question Title

* 3. What are the limitations or gaps in visibility with the current log sources that inhibit your SOC teams?

Question Title

* 4. Do you use (or plan to use) network monitoring tools (such as Zeek) in the Cloud to aid your SOC teams? Select one.

Yes

Plan to use in the next 12 months

Undecided

No plans

Question Title

* 5. Which networking monitoring tools do you use (or plan to use)? Select all that apply.

Zeek

Suricata

Snort

Tcpdump

Tshark

Other (please specify)

Question Title

* 6. What network traffic visibility monitoring points will be most valuable in your environment? Select all that apply.

Firewall, Internet GW, VPN GW

VMs

Containers, microservices

Cloud services (storage, DB, etc.)

SaaS applications

Other (please specify)

Question Title

* 7. What pain points have you experienced in adopting network monitoring solutions in the Cloud? (1-Very important, 5-Not important)

Requires non-cloud native solutions (agents, packet brokers, etc.)

Visibility is not comprehensive enough

Lack of integration with automation / devops tooling

Too much traffic, mostly encrypted traffic, etc.

Question Title

* 8. Would you be willing to participate in a Zeeksperts panel to share your experience in Cloud Security with the community?

Yes

Question Title

* 9. If you answered, "Yes," to question 8 please provide your contact information.

Name

Email Address

Zeek Community Survey - Cloud Security

Question Title

* 1. What are the Cloud Security threats / attacks that are most challenging for you to detect in your environment? Select all that apply.

Question Title

* 2. What log sources do you routinely use for detection and investigation in the Cloud? Select all that apply.

Question Title

* 3. What are the limitations or gaps in visibility with the current log sources that inhibit your SOC teams?

Question Title

* 4. Do you use (or plan to use) network monitoring tools (such as Zeek) in the Cloud to aid your SOC teams? Select one.

Question Title

* 5. Which networking monitoring tools do you use (or plan to use)? Select all that apply.

Question Title

* 6. What network traffic visibility monitoring points will be most valuable in your environment? Select all that apply.

Question Title

* 7. What pain points have you experienced in adopting network monitoring solutions in the Cloud? (1-Very important, 5-Not important)

Question Title

* 8. Would you be willing to participate in a Zeeksperts panel to share your experience in Cloud Security with the community?

Question Title

* 9. If you answered, "Yes," to question 8 please provide your contact information.

Question Title

* 10. Is there anything else about Network Security Monitoring in a Cloud environment that you would like us to know?