Episode 2 - Inside the Black Hat NOC: Defending a hostile conference network
Corelight DefeNDRs
Richard Bejtlich talks with Corelight Principal Technical Marketing Engineer Mark Overholser about what it takes to run the Black Hat Network Operations Center and keep a “hostile” training network safe. They walk through how partners like Corelight, Cisco, Palo Alto Networks, Arista, and Lumen build and monitor the conference network, how the team tells lab traffic from real infections, and why misconfigured self hosted services still show up in surprising ways. Mark shares how the NOC works together in one room to investigate issues, when they decide to block or intervene, and practical advice for attendees on preparing their devices, monitoring their own traffic with tools like Zeek, and staying safe on conference Wi Fi without living out of a Faraday bag.
Loading