Decisions and Revisions - The Ever Evolving Face of the Black Hat NOC

Conference:  BlackHat EU 2019



The presentation discusses incidents and challenges faced by security practitioners in protecting networks and endpoints. It emphasizes the importance of diligence and collaboration in ensuring network security.
  • Incidents such as web shell attacks and unencrypted endpoint monitoring pose significant threats to network security
  • Security practitioners should not trust other companies to protect their networks and should double-check their own security measures
  • Collaboration with partners and the use of tools such as wireless spectrum analysis can enhance network security
  • The presentation aims to change the stigma surrounding the Black Hat Network and make it more accessible to users
The presenter recounts an incident where they had to enter a classroom and tell the students to stop attempting SQL injections outside of the Black Hat Network. They also discuss the use of automation and visualization tools to make their job easier.


This session is your chance to get up close and personal with the Black Hat NOC. We'll walk you through the process of deciding what equipment and services we deploy on the Black Hat network, and our reasoning around those decisions. We'll also discuss the changes we make when deploying and securing a network in the U.S., Europe, and Asia, and will share some of the behavioral differences we see in the attendees of those shows, both good and bad. And of course, there will be stories and stats! We'll provide a full debrief of the activity we experienced this year, what has changed since past shows, and what that means for our industry as whole.