* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/)
* Palo Alto Networks Helps ...

# Palo Alto Networks Helps Secure Black Hat Asia 2025

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2025%2F03%2Fsecure-black-hat-asia-2025%2F)  
[](https://twitter.com/share?text=Palo+Alto+Networks+Helps+Secure+Black+Hat+Asia+2025&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2025%2F03%2Fsecure-black-hat-asia-2025%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2025%2F03%2Fsecure-black-hat-asia-2025%2F&title=Palo+Alto+Networks+Helps+Secure+Black+Hat+Asia+2025&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2025/03/secure-black-hat-asia-2025/&ts=markdown)  
\[\](mailto:?subject=Palo Alto Networks Helps Secure Black Hat Asia 2025)  
Link copied  
By [James Holland](https://www.paloaltonetworks.com/blog/author/james-holland/?ts=markdown "Posts by James Holland") and [Jason Reverri](https://www.paloaltonetworks.com/blog/author/jason-reverri/?ts=markdown "Posts by Jason Reverri")  
Mar 19, 2025  
6 minutes  
[Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown)  
[Event](https://www.paloaltonetworks.com/blog/category/event/?ts=markdown)  
[News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)  
[Black Hat](https://www.paloaltonetworks.com/blog/tag/black-hat/?ts=markdown)  
[Black Hat Asia](https://www.paloaltonetworks.com/blog/tag/black-hat-asia/?ts=markdown)  
[Cortex XDR](https://www.paloaltonetworks.com/blog/tag/cortex-xdr/?ts=markdown)  
[Cortex XSIAM](https://www.paloaltonetworks.com/blog/tag/cortex-xsiam/?ts=markdown)  
[NOC](https://www.paloaltonetworks.com/blog/tag/noc/?ts=markdown)  
[SOC](https://www.paloaltonetworks.com/blog/tag/soc/?ts=markdown)  
[Strata Cloud Manager](https://www.paloaltonetworks.com/blog/tag/strata-cloud-manager/?ts=markdown)

Founded by Jeff Moss as a gathering that delved into the hacker mindset, to its current stature as a global industry-leading cybersecurity conference, Black Hat has been a beacon for both the establishment and underground innovators. As a longstanding partner, Palo Alto Networks is proud to play a critical role in securing Black Hat Asia 2025. Our engagement at the Network Operations Center (NOC) and Security Operations Center (SOC) ensures that the conference not only operates without disruption to you, the attendees, but also remains a step ahead of emerging cyberthreats. By providing advanced network security services and cutting-edge AI-driven security operations, we bolster the conference's defenses, embodying the spirit of innovation that Black Hat champions for participants around the world.

The network and security operations center (NOC/SOC) at the [Black Hat Asia Conference](https://www.blackhat.com/asia-25/) serves the critical role of helping ensure that the conference's entire network is running smoothly and efficiently, as well as detecting and responding to any security threats. Black Hat deploys its own bespoke network and infrastructure per event, instead of using the venue's infrastructure. This allows the NOC/SOC to have full visibility into the network. Black Hat can be an attractive target for threat actors looking for the infamy associated with disrupting the conference or stealing personally identifiable information (PII) from attendees.

To thwart attacks from both internal attendees and external actors, Black Hat partners with a select group of cybersecurity organizations. The partners are selected on merit and do not pay to be involved in the conference. Each partner serves a different function, providing solutions that work together to establish and defend a stable and well-protected network. In addition to leading cybersecurity products, each partner provides a crew of experts to operate and work in lock-step with the Black Hat team.

## Trusted Partner of Black Hat

As a trusted partner, Palo Alto Networks has officially supported Black Hat 23 times over the last eight years at their conferences around the world. At this year's Black Hat Asia, we are providing three functions within the NOC/SOC:

1. We will provide the NOC with network security services, including next-generation firewall capabilities, full Layer 3 dynamic routing, comprehensive network segmentation/isolation and protection of the Black Hat owned infrastructure from network attacks.
2. We will provide the SOC with our AI-driven security operations platform to automate and integrate with the different products used by Black Hat.
3. We will collaborate with Black Hat and the other partners to provide threat hunting and threat context of traffic, to help the SOC team determine appropriate courses of action.

Significant portions of the Palo Alto Networks product portfolio are used to provide these services. [Cortex XSIAM^®^](https://www.paloaltonetworks.com/cortex/cortex-xsiam) unifies all the data collected by the tools Black Hat has available, to quickly provide visibility and reporting for threat hunters and NOC guests. Our PA-5430 [NGFWs](https://www.paloaltonetworks.com/network-security/next-generation-firewall-hardware) will be deployed in high availability, protecting Black Hat owned systems and internal infrastructure. The firewalls also provide network App-ID visibility and the full suite of our Cloud-Delivered Security Services on the entire network.
![Screenshot of Threat Dashboard in Strata Cloud Manager showing threat prevention, URL filtering, WildFire, and DNS Security.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/03/word-image-336409-1.png)
Threat Dashboard in Strata^®^ Cloud Manager.

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention) to detect network attacks, defend against vulnerabilities, detect malleable C2 and zero day SQLi, as well as CMDi attacks.
* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security) to identify bad domains and detect threats, which leverage DNS as a vector.
* [Advanced URL](https://www.paloaltonetworks.com/network-security/advanced-url-filtering)to identify malicious URLs and detect web-based threats.
* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire) to identify malicious files.
* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-iot-security) to identify device information which is helpful in incident response.

All the NGFWs and services will be monitored by Strata^®^ Cloud Manager's AIOps capabilities for assessing the network security platforms' health, operational readiness and configuration best practice.

The core of the security operations at Black Hat is Cortex XSIAM.
![Screenshot of Cortex XSIAM dashboard.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2025/03/word-image-336409-2.png)
Cortex XSIAM Dashboard from a recent Black Hat Conference.

XSIAM is key to the SOC, consolidating data and logs from all the tools leveraged by Black Hat, including products from the other partners invited to the NOC. The platform helps streamline threat hunting and incident investigation through an automation first approach, utilizing playbooks and integrations to interact with all the products supporting the Black Hat infrastructure. Combined with out-of-the-box AI models, XSIAM is able to prioritize events and give the threat hunters a single place to perform investigations with all the data easily available at their fingertips.

We leverage and inform investigations with threat intelligence sources from Palo Alto Networks [Unit 42](https://www.paloaltonetworks.com/unit42)^®^ and the other partners in the SOC. XSIAM playbooks are used to automatically provide context and enrichment to any incident that occurs, then progress the incidents to investigation and closure. [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr)^®^ agents are deployed on the Black Hat infrastructure to provide OS-level protections and visibility, streaming endpoint telemetry directly into XSIAM.

XSIAM automation processes dynamically change based on how the Black Hat infrastructure is segmented. Incidents originating from training classrooms are handled with lower priority due to the known malicious nature of the training traffic. Live attacks from the internet toward the external perimeter of the environment or the registration network are given much higher priority.

## The Black Hat Infrastructure Is a Target

As one of the largest cybersecurity conferences in the world, Black Hat has some of the most talented researchers attending and speaking about their projects, who oftentimes highlight new attack techniques and vulnerabilities. Over the years, we have seen attendees immediately test these new attacks on the network. They even attempt to attack fellow attendees or the conference infrastructure. This is an excellent example of what organizations face today: Attackers don't need much time to find ways to abuse a software bug or vulnerability.

The conference focuses on the learning and education of advanced attack and defense techniques. With the partners in the NOC, this can happen without being disruptive to all the attendees, allowing people to focus on learning and networking without worrying about their cybersecurity.

The Palo Alto Networks Unit 42 Threat Hunting team is in the NOC, actively reporting credible threats to the Black Hat team, specifically attacks that are against the registration and internal infrastructure. Based on this threat intel, the Black Hat staff is able to leverage Cortex XSIAM integrations to instantly block bad actors through address tagging on the firewall. The team works in close collaboration with the other NOC/SOC partners: Arista, Cisco, Corelight and MyRepublic.

To see the team in action, the Black Hat NOC will be streamed live via the conference [Twitch channel](https://www.twitch.tv/blackhatnoc), or you can visit and tour the [NOC on-site](https://www.blackhat.com/asia-25/noc.html). The partners also give NOC presentations in the Business Hall and Briefings Pass holders can attend the Black Hat Asia NOC Report on the last day of the conference.

### Black Hat NOC Schedule

**NOC Visiting Hours (Melati Jr. Ballroom 4110)**

Tuesday, April 1 - Friday, April 4: 9:00 AM -- 6:00 PM

**Live Stream Hours**

Tuesday, April 1 - Friday, April 4: 9:00 AM -- 6:00 PM

**NOC Presentations (Business Hall Theater A)**

Thursday, April 3: 3:35 PM - 4:00 PM

Friday, April 4: 12:55 PM - 1:20 PM

**The Black Hat Asia Network Operations Center (NOC) Report\***

Friday, April 4: 3:20 PM - 4:00 PM

*\*Available to Briefings Pass holders only.*

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)

[#### Palo Alto Networks Secures Black Hat from Itself](https://www.paloaltonetworks.com/blog/2023/07/secure-black-hat-from-itself/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### What's Next with Cortex](https://www.paloaltonetworks.com/blog/2023/03/whats-next-in-cortex/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### What's Next in Cortex - New Wave of Innovations in Cortex (June 2024 Release)](https://www.paloaltonetworks.com/blog/security-operations/whats-next-in-cortex-new-wave-of-innovations-in-cortex-june-2024-release/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Public Sector](https://www.paloaltonetworks.com/blog/category/public-sector/?ts=markdown)

[#### SEC Rule Sparks Reimagining of Cybersecurity Operations](https://www.paloaltonetworks.com/blog/2023/08/sec-rule-cybersecurity-operations/)

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown)

[#### Not in My Sandbox: Save Those Deployment Tears](https://www.paloaltonetworks.com/blog/security-operations/not-in-my-sandbox-save-those-deployment-tears/)

### [AI Application Security](https://www.paloaltonetworks.com/blog/network-security/category/ai-application-security/?ts=markdown), [AI Governance](https://www.paloaltonetworks.com/blog/category/ai-governance/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Palo Alto Networks Announces Support for NVIDIA Enterprise AI Factory](https://www.paloaltonetworks.com/blog/2026/01/support-nvidia-enterprise-ai-factory/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language