Talos Takes

Inside the Black Hat NOC: Lessons in Securing One of the Wildest Networks

Cisco Talos

How do you build and defend a network where attacks are not just expected-they're part of the curriculum? In this episode, Hazel talks with Jessica Oppenheimer, Director of Security Operations at Cisco, about the ten years she's spent in the Black Hat Network Operations Center (NOC).

Explore the technical challenges of segmenting and monitoring a network designed for experimentation, live hacking, and hands-on training, including how malicious and benign behaviors are distinguished in real time. Jessica shares how the NOC leverages Cisco technologies like the new machine learning-powered SnortML engine to detect zero-days, outliers, and advanced attack patterns that traditional rule sets miss.

Learn how automation, contextual analysis, and collaborative response drive decision-making in this high-stakes environment, and how those lessons now influence security at global events like the Olympics and the Super Bowl.

For more details, check out the Cisco blog wrap detailing all our Black Hat NOC activity https://blogs.cisco.com/security/bhusa-2025-noc

People on this episode