
New Video from @BlackHatOfficialYT: Behind the Scenes of Black Hat Network Management
The video begins with an introduction of the presenters, Neil Wyler, alias Grifter, and Bart Stump, who are key figures in the field of cybersecurity and the hacker community. They are responsible for managing the network for the Black Hat conferences, a major event in the world of computer security. Grifter and Bart explain their role and the importance of their work, emphasizing that preparation for these events begins immediately after the previous show in Las Vegas.

One of the key points of the discussion is the setup of the network for Black Hat Europe 2024. The presenters explain that the network is built entirely from scratch for each event, using equipment and software provided by partners. They stress that these partners are not sponsors but collaborators chosen for their cutting-edge technological solutions. The network is designed to be extremely robust and secure, capable of handling a large amount of traffic and potential threats.

The video also details the various technologies used to monitor and secure the network. Tools such as Palo Alto Networks for firewalls, Cisco for telemetry and DNS security, Arista for access points and switches, and Corelight for packet monitoring are mentioned. These tools are integrated to provide complete visibility over the network, allowing quick detection of and response to threats.

An interesting aspect of the presentation is the use of dashboards to monitor the network in real time. Grifter and Bart explain how these dashboards, initially considered unnecessary, have become essential for effectively managing the network. They allow for the quick visualization of anomalies and corrective actions without constantly querying technical teams.

The video also addresses the challenges and evolution of the network over the years. The presenters discuss the different stages of securing it, from simple network segmentation to deep traffic analysis and threat hunting. They mention the importance of automation in managing the increasing scale of events and threats.

Several anecdotes and practical cases are shared, such as the discovery of malicious servers reused for different attacks, or attempts at pentesting conducted directly from the conference network. These examples illustrate the unique challenges the team faces and the measures taken to overcome them.

Finally, the video concludes with a Q&A session where the presenters answer questions from the audience. They discuss how they handle incidents, the tools used for dashboards, and the types of traffic observed on the network.

To learn more, watch the full video here: https://www.youtube.com/watch?v=X-9jPKwwL8w