* [Blog](https://www.paloaltonetworks.com/blog)
* [Security Operations](https://www.paloaltonetworks.com/blog/security-operations/)
* Continuing the Mission: S...

# Continuing the Mission: Securing Black Hat Asia 2026

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcontinuing-the-mission-securing-black-hat-asia-2026%2F)  
[](https://twitter.com/share?text=Continuing+the+Mission%3A+Securing+Black+Hat+Asia+2026&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcontinuing-the-mission-securing-black-hat-asia-2026%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fsecurity-operations%2Fcontinuing-the-mission-securing-black-hat-asia-2026%2F&title=Continuing+the+Mission%3A+Securing+Black+Hat+Asia+2026&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/security-operations/continuing-the-mission-securing-black-hat-asia-2026/&ts=markdown)  
\[\](mailto:?subject=Continuing the Mission: Securing Black Hat Asia 2026)  
Link copied  
By [James Holland](https://www.paloaltonetworks.com/blog/author/james-holland/?ts=markdown "Posts by James Holland") and [Jason Reverri](https://www.paloaltonetworks.com/blog/author/jason-reverri/?ts=markdown "Posts by Jason Reverri")  
Apr 15, 2026  
5 minutes  
[Black Hat Asia](https://www.paloaltonetworks.com/blog/tag/black-hat-asia/?ts=markdown)  
[Black Hat NOC](https://www.paloaltonetworks.com/blog/tag/black-hat-noc/?ts=markdown)  
[Cortex XSIAM](https://www.paloaltonetworks.com/blog/tag/cortex-xsiam/?ts=markdown)  
[NOC](https://www.paloaltonetworks.com/blog/tag/noc/?ts=markdown)

Black Hat Asia stands as the premier cybersecurity event in the APAC region, where elite researchers unveil zero-day exploits, trainers demonstrate cutting-edge attack techniques, and thousands of security professionals gather at Marina Bay Sands in Singapore to push the boundaries of what's possible. The conference demands a unique approach to its network security---one that must simultaneously protect critical infrastructure while allowing controlled chaos to unfold in the training environments.

As a longstanding partner, Palo Alto Networks is proud to return and play a critical role in securing Black Hat Asia 2026. Our engagement at the Network Operations Center (NOC) and Security Operations Center (SOC) helps ensure that the conference not only operates without disruption to attendees, but also remains a step ahead of emerging cyberthreats.

### **Architecture Built for Controlled Chaos**

Black Hat's network architecture reflects the unique requirements of hosting security professionals who routinely exploit systems as part of their work. With attendees learning new techniques at all levels, the network cannot simply be left wide open; it requires deep visibility and granular control.

To support this, we provide the NOC with advanced network security services, including next-generation firewall capabilities, and comprehensive network segmentation. Our PA-5430 NGFWs are deployed in high availability to protect Black Hat-owned systems and internal infrastructure. The firewalls operate on a contextual security model: they detect and log malicious activity, but only block traffic based on its source, destination, and intent. If an attack originates from a training class to a benign or expected destination, it is monitored; if an external actor attacks the registration servers, they are immediately blocked.
![Screenshot: Palo Alto Networks, Black Hat’s official Network Security Platform, showing threats alerted versus threats blocked at Black Hat Asia 2025. Threats to the event infrastructure are blocked, training class activity is allowed.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/04/word-image-356781-1.png)
Screenshot: Palo Alto Networks, Black Hat's official Network Security Platform, showing threats alerted versus threats blocked at Black Hat Asia 2025. Threats to the event infrastructure are blocked, training class activity is allowed.

### **Zero-Hour Defense Against Live Exploits**

The NOC team operates in a perpetual state of zero-hour response, where the normal flow of threats and simulated attacks blend together. As researchers take the stage to disclose brand-new vulnerabilities, our NOC team is immediately monitoring the data, and protecting the infrastructure as attendees begin testing those newly revealed techniques in real-time.

This dynamic environment creates unprecedented challenges. Our response requires immediate, on-the-fly collaboration between Palo Alto Networks engineers, Unit 42 Threat Intelligence teams, and other NOC partners. By triaging detections using Cortex XSIAM in real-time, we ensure malicious activity is tracked without disrupting the educational flow of the conference.

### **Managing the Issue Fatigue with AI-Driven Automation**

The conference generates an immense volume of threat events, with activity patterns spiking during training days as students practice newly learned techniques. Cortex XSIAM fundamentally changes security operations through intelligent automation, allowing the team to manage terabytes of data, generating thousands of issues and hundreds of cases without overwhelming the analysts.

XSIAM consolidates data and logs from all the tools and infrastructure leveraged by Black Hat, including products from the other NOC partners. We rely heavily on automated playbooks to handle the sheer volume of "Black Hat positives"---legitimate attacks that trigger security controls but represent expected behavior within training environments. Playbooks automatically evaluate and close these cases. All of this data and automation in XSIAM empowers an LLM-based chatbot integrated directly into the Black Hat NOC team's communication tool. This helpful agent collaborates with the threat hunters, allowing direct analyst interaction in the chat, accelerating triage and any required incident response.
![Screenshot: Cortex XSIAM, Black Hat’s official Security Operations Platform, showing integrations with other partner vendors.](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/04/word-image-356781-2.png)
Screenshot: Cortex XSIAM, Black Hat's official Security Operations Platform, showing integrations with other partner vendors.

### **Multi-Vendor Integration in a High-Stakes Environment**

The Black Hat NOC operates as a real-world example for multivendor security integration. Partner organizations collaborate seamlessly, leaving any industry competition at the door to focus on the unified mission of securing the event.

In Singapore, this collaboration is critical. The Palo Alto Networks team works closely with Arista for network availability and security, Cisco on malware analytics and network monitoring integrations, collaborates with Corelight to analyze deep network traffic detections, and monitors JAMF to help protect the conference's physical assets. The NOC environment serves as the ultimate proving ground to build and test these integrations, which ultimately benefit enterprise customers who deploy multi-vendor security stacks.

### **See the Team in Action**

To see the team in action, the Black Hat NOC will be streamed live via the conference [Twitch channel](https://www.twitch.tv/blackhatnoc), or you can visit and tour the [NOC on-site](https://blackhat.com/asia-26/noc.html). The partners also give NOC presentations in the Business Hall and Briefings Pass holders can attend the Black Hat Asia NOC Report on the last day of the conference.

**Black Hat NOC Schedule (2026 Dates \& Times TBD)**

* **NOC Visiting Hours**
* **Live Stream Hours**
* **NOC Presentations (Business Hall Theater)**
* **The Black Hat Asia Network Operations Center (NOC) Report\*** *(Available to Briefings Pass holders only)*

*** ** * ** ***

## Related Blogs

### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Event](https://www.paloaltonetworks.com/blog/category/event/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown)

[#### Palo Alto Networks Helps Secure Black Hat Asia 2025](https://www.paloaltonetworks.com/blog/2025/03/secure-black-hat-asia-2025/)

### [AI and Cybersecurity](https://www.paloaltonetworks.com/blog/security-operations/category/ai-and-cybersecurity/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Use-Cases](https://www.paloaltonetworks.com/blog/security-operations/category/use-cases/?ts=markdown)

[#### When Global Conflict Reaches the SOC: Respond at Scale with XSIAM](https://www.paloaltonetworks.com/blog/security-operations/when-global-conflict-reaches-the-soc-respond-at-scale-with-xsiam/)

### [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown)

[#### Boost SOC Efficiency: Data Control with Cortex XSIAM \& Chronosphere](https://www.paloaltonetworks.com/blog/security-operations/boost-soc-efficiency-data-control-with-cortex-xsiam-chronosphere/)

### [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### Beyond the Cloud Dashboard: Exposure Management Requires Full-Scope Visibility and Real Action](https://www.paloaltonetworks.com/blog/security-operations/beyond-the-cloud-dashboard-exposure-management-requires-full-scope-visibility-and-real-action/)

### [AI Application Security](https://www.paloaltonetworks.com/blog/network-security/category/ai-application-security/?ts=markdown), [AI Governance](https://www.paloaltonetworks.com/blog/category/ai-governance/?ts=markdown), [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Firewall](https://www.paloaltonetworks.com/blog/category/firewall/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Palo Alto Networks Announces Support for NVIDIA Enterprise AI Factory](https://www.paloaltonetworks.com/blog/2026/01/support-nvidia-enterprise-ai-factory/)

### [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### From ILOVEYOU to AI Defenders -- 25 Years of Email Evolution](https://www.paloaltonetworks.com/blog/security-operations/from-iloveyou-to-ai-defenders-25-years-of-email-evolution/)

### Subscribe to Security Operations Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language