惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
S
Secure Thoughts
月光博客
月光博客
美团技术团队
雷峰网
雷峰网
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
N
News and Events Feed by Topic
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Forbes - Security
Forbes - Security
W
WeLiveSecurity
P
Proofpoint News Feed
阮一峰的网络日志
阮一峰的网络日志
爱范儿
爱范儿
G
GRAHAM CLULEY
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
AI
AI
Last Week in AI
Last Week in AI
Google Online Security Blog
Google Online Security Blog
Schneier on Security
Schneier on Security
云风的 BLOG
云风的 BLOG
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Recent Announcements
Recent Announcements
Webroot Blog
Webroot Blog
T
Tor Project blog
Cisco Talos Blog
Cisco Talos Blog
N
News and Events Feed by Topic
罗磊的独立博客
The Register - Security
The Register - Security
Blog — PlanetScale
Blog — PlanetScale
T
Threat Research - Cisco Blogs
博客园 - 【当耐特】
Apple Machine Learning Research
Apple Machine Learning Research
人人都是产品经理
人人都是产品经理
T
The Exploit Database - CXSecurity.com
www.infosecurity-magazine.com
www.infosecurity-magazine.com
B
Blog
腾讯CDC
Microsoft Azure Blog
Microsoft Azure Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Engineering at Meta
Engineering at Meta
Latest news
Latest news
IT之家
IT之家
D
DataBreaches.Net
博客园 - 司徒正美
N
Netflix TechBlog - Medium
V
V2EX
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知

Security @ Cisco Blogs

We third-party tested our firewall built for AI-scale. The test tools hit their limit first. SharpHound Recon Attack - How AI enhanced the threat hunt Machine Speed, Human Judgement: How AI Changed the SOC in 2026 Elevating Expertise in the SOC Educate at Event Speed: Cisco Live Security Operations Center What Working the Cisco Live SOC Taught Me About AI, Detection, and Response Cable to Cloud - A Product Engineer's Journey Through the Cisco Live AMER 2026 SOC The Experience Dividend: How Better Digital Experience Protects Revenue, Trust, and Growth AIM: Building an Agentic Tier-2 SOC Analyst at Cisco Live AMER 2026 Building the Agentic SOC at Cisco Live Americas 2026 Ten Years in the SOC at RSAC: What We Learned in 2026 Uplevelling Black Hat Threat Hunters Making Workflow Runs Explain Themselves: AI-Powered Run Summaries in Cisco XDR Automate Independent Testing Confirms Secure Email Threat Defense’s Email Security Strength Defenseclaw for On-Prem AI SOC Workflow at Black Hat Asia Cisco Secure Access with MCP Infrastructure at Black Hat Asia 2026 The Essence of Black Hat – Collaboration with Partners Black Hat Asia 2026: A Decade in Singapore Black Hat Asia 2026: Threat Hunters’ Corner Unveiling the Power of Integration: XDR, Splunk, Corelight, Arista and Palo Alto Networks in Action at Black Hat Asia Security in the Post-Mythos Era Cisco SASE with Meraki: Get in the Fast Lane to SASE Extending Zero Trust Across the Agentic AI Workflow Strengthening the Foundation: A Predictable, Customer focused Response to AI-Accelerated Vulnerability Discovery Quantum Resilience Needs a Common Language. Here’s Where to Start. Security at Cisco Live: Going Shields Up for the Agentic Era Identity Elevated: A New Unified Identity Experience in Cisco Cloud Control Security Needs a New Operating Model Cisco Secure Access and Microsoft Purview Integration for Simplified Data Protection Cisco Secure Access and Island Browser Enable Zero Trust Everywhere Finding what lives between the alerts: Announcing Cisco Talos Threat Hunting From Log Flood to Threat Signal: Cisco and Splunk Bring Context to Modern Defense Cisco Secure Access and Microsoft Edge for Business Integration Why Network Segmentation Projects Fail: Four Patterns Cisco’s Risk-Based Vulnerability Disclosure in the Age of AI Enhancing Cisco Secure Email Gateway: Safer Clicks and Cleaner Files AI-generated reporting: Lessons learned from Cisco Talos Incident Response Inside the SOC: AI-powered DNS defense against ransomware Security Insights: A Threat-First View for the Platform That Enforces Access From Strategy to Architecture: How Cisco is Building a Quantum-Safe Future AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations Designing for What’s Next: Securing AI-Scale Infrastructure Without Compromise Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap Powering MWC Barcelona – Building a Unified SOC and NOC with Splunk in Record Time AI-powered Network Security at the Mobile World Congress 2026 SNOC Inside the Mobile World Congress 2026 SOC: Detecting Shadow Traffic with Firepower 6100 Data Optimization in Security: A Splunk Architect’s Perspective Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders Zero Trust for Agentic AI: Safeguarding your Digital Workforce The Agent Trust gap: What Our Research Reveals About Agentic AI Security Meet Your Incident Responders
Mobile World Congress 2026: AI-powered Network Security
2026-04-09 · via Security @ Cisco Blogs

At this year’s Mobile World Congress in Barcelona, service providers showed up from around the world to join over 115,000 attendees from 210 countries. With more than 3,000 exhibitors, sponsors, and partners on-site, the event showcased a transformative array of technologies—from the first practical applications of 6G and industrial IoT to autonomous, unified security for an AI-native future.

Watch FNTV interview from the SOC

This marked the second year of the combined Security and Network Operations Center (S/NOC) at the world’s largest mobility and network conference. We leveraged the lessons learned from previous SOC deployments, adding the new Secure Firewall 6160, which is designed specifically for AI-ready data centers.

Build your AI infrastructure foundation

Cisco’s S/NOC focused on innovation, unveiling a suite of next-generation solutions, including AI-driven predictive networking and autonomous security operations. Our high-profile media announcements and live demonstrations of intelligent wireless infrastructure underscored a steadfast commitment to defining the next era of global digital communications.

The “One Cisco” strategy reached its full potential on the world stage, seamlessly unifying networking, security, observability, and Splunk’s data-driven insights to deliver unparalleled business outcomes. This holistic approach demonstrated exactly how our customers can build sovereign, AI-ready data centers, optimize hyper-distributed workplaces, and achieve total digital resilience in an increasingly complex landscape.

MWC2026S NOC

The core missions of the S/NOC at MWC 2026 were:

  • Protect: Safeguarding the network from internal and external threats.
  • Educate: Engaging attendees through immersive SOC tours, insightful blog content, and our latest white paper.
  • Innovate: Developing and implementing new integrations, workflows, and automations to set the standard for the future. 
MWC2026SOCdashboards
Clockwise from the upper left quadrant: Firepower in Security Cloud Control, Splunk Cloud dashboard for MWC, Splunk Enterprise Security Mission Control and Cisco XDR. 

Investigative Workflow

The firewall and Secure Access DNS logs were sent to Splunk Cloud as the S / NOC platform. Detections from security events were correlated in XDR for Incident generation; and Tier 1 triage / Tier 2 investigation. From hundreds of thousands of alerts, dozens of Incidents were created for investigation, ranked by priority / impact. The beta Agentic AI ‘Instant Attack Storyboard’ was used to help triage Incidents, for example this Excel file sent in the clear contained an embedded PDF file, a common way to compromise networks in a phishing attack.

MWC2026PDFinvestigation XDRAI1

The Top AI Recommendations included File Analysis for confirmation. The Tier 1 / Tier 2 analysts were empowered to pivot into Secure Malware Analytics to exam the file.

MWC2026PDFinvestigation XDRAI2

Analysis of the file determined it was not malicious but was a leak of confidential information in clear text over the network.

MWC2026PDFinvestigation SMA

The analyst in XDR had the ability to complete the Incident investigation or escalate for a deeper look in Splunk Enterprise Security (ES) by a Tier 3 Threat Hunter/Incident Responder. The worklog of the XDR analyst, AI generated report and Observables (IP addresses, hash values, user data, etc.), were automatically sent to Splunk ES for Investigation, with a simple status change in XDR.

MWC2026PDFinvestigation ES

You can read more about this bi-directional integration in the blog from the SOC team at Cisco Live EMEA 2026 just two weeks prior.

The Statistics

Statistics are always a popular part of the SOC discussions. Below are the stats from this year’s event.

MWC2026Networkdashboard Splunk
Year 2026 
Attendees (MWC)104,497
Total logs captured (Splunk)580 million
Total unique devices (Firewall in Splunk)40,075 
Total logs written to cloud (Splunk)4.3 TBs
Peak bandwidth utilization (Firewall)3.5 Gbps
DNS Requests (Cisco Secure Access)245.5 million / 45.7k would have been blocked
Files sent for malware analysis (Firewall)5 sent to Secure Malware Analytics 

Files were compared to a known file database prior to submission

SOC Findings and Lessons Learned 

Dive deeper into the innovation and technical details with the following blogs, written directly by the engineers on the ground in the MWC SOC:

Acknowledgements

Our appreciation to the engineers whose expertise made the first Mobile World Congress 2026 SNOC a success.

SOC Team

Network Operations Center Liaisons

  • Ivan Padilla Ojeda

Cisco Security and Splunk SOC Team

  • Splunk Enterprise Integrations: Christian Cloutier, with Ivan Berlinson
  • Firewall / Cloud Control: Christopher Grabowski, with Adam Kilgore
  • User Protection Suite / DNS: Apostolos Kouloukourgiotis
  • XDR / Duo Directory: Adi Sankar

We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social Media

LinkedIn
Facebook
Instagram