New Video from @BlackHatOfficialYT Highlights Collaborative Efforts in Network Operations Center (NOC)

The video presents a detailed report on the Network Operations Center (NOC) of the Black Hat conference, featuring speakers from Cisco, Arista, Palo Alto Networks, and Corelight. Jessica from Cisco introduces the team and emphasizes the importance of collaboration among different companies to ensure network security and smooth operation during the event.

Jonathan from Arista explains that his company provides all the network infrastructure, including wireless access points and switches. He describes the process of setting up the network, which starts with unconfigured equipment and ends with zero-touch configuration via CloudVision. Arista also taps all network traffic for analysis with Corelight's tools. For this conference, Arista deployed 48 access points and 11 switches.

Jimmy from Palo Alto Networks discusses his company's role in network security. He explains that Palo Alto provides a centralized platform for investigation, detection, and response to threats. Unlike a traditional firewall that blocks threats, Palo Alto allows most activities to accommodate cybersecurity offensive demonstrations and training. However, the registration area, where personal information is stored, is heavily protected.

Mark from Corelight describes how his company uses sensors for Network Detection and Response (NDR). Corelight captures network packets and transforms them into logs for analysis. They also provide alerts based on signatures and machine learning algorithms. Mark emphasizes the importance of collaboration among teams to identify and respond to threats.

Jessica from Cisco shares her 10-year experience with Black Hat and explains how the NOC has evolved over time. She mentions the integration of various security tools, including identity management, surveillance cameras, and environmental sensors. She also highlights the importance of network visibility and proactive problem detection.

The video concludes with a Q&A session where the speakers discuss the integration of new technologies like Cloud Access Security Broker (CASB) and the challenges of security in a guest network environment. They note that while CASB is important for cloud application security, its use is limited in a guest network context like that of Black Hat.

In summary, the video highlights the importance of collaboration among different security companies to ensure a secure and functional network during a major conference like Black Hat. It provides insights into the challenges and technological solutions used to protect sensitive data and enable offensive cybersecurity demonstrations.