By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: Inside Black Hat’s Network Security Operation: Humans Are Still a Problem
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > News > Inside Black Hat’s Network Security Operation: Humans Are Still a Problem
News

Inside Black Hat’s Network Security Operation: Humans Are Still a Problem

News Room
Last updated: 2025/08/09 at 11:40 PM
News Room Published 9 August 2025
Share
SHARE

LAS VEGAS—The network at Black Hat probably shouldn’t work: People have to set up high-end networking gear over a few days, then have 20,000 or so developers, engineers, researchers, and other techies stress the network while testing a variety of attacks that the admins generally have to let go unless they see attendees directly attacking each other. 

And yet it works as well as any conference network I’ve used. Certainly better than the in-house Wi-Fi I see at the same Mandalay Bay conference-center venue during CES. 

“It’s my most stressful two weeks out of my year,” said Neil (Grifter) Wyler, co-lead of the Black Hat network operations center (NOC) and, the rest of the year, vice president of defensive services at the security firm Coalfire, in an interview Wednesday. “But I also love it.”

Starting the week before this conference, technicians set up the network, bringing in two Lumen 10Gbps circuits and 145 Arista Networks Wi-Fi access points as well as an array of hardware, software, and services from the conference’s other network-operations partners–Cisco Security, Corelight, and Palo Alto Networks–in between to help orchestrate the network.  

“We are constantly upgrading the network,” Wyler said. “We have our partners that are solid, but we’re always trying out new things as well.”

Stats shown in a presentation Thursday afternoon about the NOC suggest that this year’s things worked exceedingly well: 100% internet availability, average Wi-Fi throughput of roughly 800Mbps (with a peak of about 4.2Gbps), 28.4TB of wireless data transferred as of the presentation’s preparation earlier Thursday, 462TB of total network traffic.

Wyler said a surprisingly high share of that network traffic consists of software updates. Yes, many security professionals wait until getting to a hacker conference to install patches.

“We see the panic updates that happen when people get on site,” he said. “Some of the most significant amount of traffic that traverses the network is just people updating their machines. It’s wild.”

A crew of professionals ran the network from a small room off a side aisle, with one wall lined with monitors showing data from the various monitoring systems and potential security issues as well as a larger projection screen displaying a visualization of network interactions that vaguely evoked the Atari 2600 classics Missile Command and Asteroids.

Yet another screen at the far corner screened a series of hacking-adjacent thrillers. Thursday afternoon’s fare included the Bond flick GoldenEye, followed by Jason Bourne.

Two red rotary-dial phones hooked up to a VoIP service occasionally rang with real-time reports of problems. 

Much of Black Hat network management consists of tolerating sketchy user behaviors that network admins would want to quash at other events, which here usually involve attendees testing a technique taught in a session.

“The stuff that happens at Black Hat, conferences don’t like to deal with that,” said James Pope, head of Black Hat’s security operations center and, outside the event, Corelight’s director of technical marketing engineering. “It’s okay in this environment,” he said, adding that “illegal stuff is still illegal at Black Hat.” When admins spot that, they have to tell the attacker to knock it off.

Newsletter Icon

Get Our Best Stories!

Stay Safe With the Latest Security News and Updates


SecurityWatch Newsletter Image

Sign up for our SecurityWatch newsletter for our most important privacy and security stories delivered right to your inbox.

Sign up for our SecurityWatch newsletter for our most important privacy and security stories delivered right to your inbox.

By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.

Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

AI and other forms of automation now field almost all incident reports. A slide in Thursday’s NOC presentation reported that of 1,763 incidents, 1,721 were handled automatically. “We’re not immune to the siren song of AI,” Wyler said. “We’re using it to help us find anomalies on the network.”

For example, AI can quickly spot the one person out of 50 in a classroom who’s not doing the same things as everybody else in that training session: “This one guy over here who’s sending this different exploit to some other place, what’s he doing?” 

A red rotary-dial phone in Black Hat's NOC

If this phone rings, somebody should answer it ASAP. (Credit: Rob Pegoraro)

Black Hat admins will often catch malware in action on attendee hardware and then have to break the news to people who may not be in the right headspace to receive it. “A lot of very senior security people don’t like being told they have a problem with their security,” Pope said.

The Risks of Vibe Coding

But AI–in particular, how it enables quick vibe coding–is also now contributing to poor security practices. “What we’re seeing is a lot more apps that have insecure things in them,” Pope observed. “They pulled in a library or package; maybe AI didn’t know how to do it right.”

Recommended by Our Editors

(Pope admitted that he himself vibe-coded the network visualizer shown in the NOC, which he then named Vibes.) 

The NOC presentation highlighted one such case of sloppy coding: a Korean search engine that offered a voice-search option that did not provide any encryption of the data in transit. 

Pope added that a similar sort of sloppiness with self-hosting has emerged this year: “We’re seeing a whole lot more of people who are backhauling something from their laptop or their phone to their home via cleartext.”

Black Hat (Finally) Embraces Encryption

But overall, Black Hat attendees are doing much better than they have in recent years about encrypting their internet traffic in transit. The Thursday briefing revealed that 91.18% of the traffic flowing across Black Hat’s network was encrypted, with 8.82% in the clear. 

That’s still below the 94% figure that Google reports for pages loaded with encryption in Chrome for Windows, but it also represents a serious improvement from Black Hat’s history–last year, only 73.8% of network traffic was encrypted. “This year is the first we broke 90%,” Wyler said.

After further examples of lightly mocking the bad decisions made on Black Hat’s network from Wyler, Pope and fellow NOC lead Bart Stump (also Coalfire’s managing principal), Wyler wrapped up the briefing on a different note.

When you go home, he said, fire up the open-source network-analysis tool Wireshark and see what data your own apps and devices might be leaking. And if you don’t like what you find, remember that when you’re dealing with your users.

“I think it’s good for us to have some empathy,” he said. “We’re all in the same boat; sometimes we all click the link.”

About Rob Pegoraro

Contributor

Rob Pegoraro

Rob Pegoraro writes about interesting problems and possibilities in computers, gadgets, apps, services, telecom, and other things that beep or blink. He’s covered such developments as the evolution of the cell phone from 1G to 5G, the fall and rise of Apple, Google’s growth from obscure Yahoo rival to verb status, and the transformation of social media from CompuServe forums to Facebook’s billions of users. Pegoraro has met most of the founders of the internet and once received a single-word email reply from Steve Jobs.

Read Rob’s full bio

Read the latest from Rob Pegoraro

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article Take-Two Interactive Software First quarter 2026 Profit: Beats expectations
Next Article Microsoft Lens PDF Scanner will get killed before the end of 2025
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

Today's NYT Mini Crossword Answers for Aug. 10 – CNET
News
iPhone 17 Models ‘Likely’ to Have Higher Prices, Another Analyst Says
News
Qidi Plus 4 Review: This 3D Printer Can Make Nearly Anything
News
Best Tablets Under Rs 20,000 in India With Metal Body, Powerful Chipset and Smooth Performance
Mobile

You Might also Like

News

Today's NYT Mini Crossword Answers for Aug. 10 – CNET

2 Min Read
News

iPhone 17 Models ‘Likely’ to Have Higher Prices, Another Analyst Says

7 Min Read
News

Qidi Plus 4 Review: This 3D Printer Can Make Nearly Anything

11 Min Read
News

Revamp your PC with Windows 11 Pro for $15

2 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?