惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Spread Privacy
Spread Privacy
P
Palo Alto Networks Blog
P
Proofpoint News Feed
AI
AI
Help Net Security
Help Net Security
S
Securelist
T
Troy Hunt's Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
C
Cisco Blogs
Scott Helme
Scott Helme
Hacker News - Newest:
Hacker News - Newest: "LLM"
Vercel News
Vercel News
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
B
Blog
GbyAI
GbyAI
Recent Commits to openclaw:main
Recent Commits to openclaw:main
D
Darknet – Hacking Tools, Hacker News & Cyber Security
P
Proofpoint News Feed
S
Security Affairs
Cisco Talos Blog
Cisco Talos Blog
AWS News Blog
AWS News Blog
T
Tenable Blog
H
Help Net Security
NISL@THU
NISL@THU
F
Fortinet All Blogs
博客园_首页
G
GRAHAM CLULEY
L
LINUX DO - 最新话题
P
Privacy International News Feed
G
Google Developers Blog
博客园 - Franky
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Security Archives - TechRepublic
Security Archives - TechRepublic
The Register - Security
The Register - Security
L
LangChain Blog
aimingoo的专栏
aimingoo的专栏
T
Tor Project blog
P
Privacy & Cybersecurity Law Blog
量子位
C
Cyber Attacks, Cyber Crime and Cyber Security
Forbes - Security
Forbes - Security
S
Secure Thoughts
Simon Willison's Weblog
Simon Willison's Weblog
D
Docker
Recorded Future
Recorded Future
博客园 - 三生石上(FineUI控件)
L
Lohrmann on Cybersecurity
T
Tailwind CSS Blog

Security @ Cisco Blogs

We third-party tested our firewall built for AI-scale. The test tools hit their limit first. SharpHound Recon Attack - How AI enhanced the threat hunt Machine Speed, Human Judgement: How AI Changed the SOC in 2026 Elevating Expertise in the SOC Educate at Event Speed: Cisco Live Security Operations Center What Working the Cisco Live SOC Taught Me About AI, Detection, and Response Cable to Cloud - A Product Engineer's Journey Through the Cisco Live AMER 2026 SOC The Experience Dividend: How Better Digital Experience Protects Revenue, Trust, and Growth AIM: Building an Agentic Tier-2 SOC Analyst at Cisco Live AMER 2026 Building the Agentic SOC at Cisco Live Americas 2026 Ten Years in the SOC at RSAC: What We Learned in 2026 Uplevelling Black Hat Threat Hunters Making Workflow Runs Explain Themselves: AI-Powered Run Summaries in Cisco XDR Automate Independent Testing Confirms Secure Email Threat Defense’s Email Security Strength Defenseclaw for On-Prem AI SOC Workflow at Black Hat Asia The Essence of Black Hat – Collaboration with Partners Black Hat Asia 2026: A Decade in Singapore Black Hat Asia 2026: Threat Hunters’ Corner Unveiling the Power of Integration: XDR, Splunk, Corelight, Arista and Palo Alto Networks in Action at Black Hat Asia Security in the Post-Mythos Era Cisco SASE with Meraki: Get in the Fast Lane to SASE Extending Zero Trust Across the Agentic AI Workflow Strengthening the Foundation: A Predictable, Customer focused Response to AI-Accelerated Vulnerability Discovery Quantum Resilience Needs a Common Language. Here’s Where to Start. Security at Cisco Live: Going Shields Up for the Agentic Era Identity Elevated: A New Unified Identity Experience in Cisco Cloud Control Security Needs a New Operating Model Cisco Secure Access and Microsoft Purview Integration for Simplified Data Protection Cisco Secure Access and Island Browser Enable Zero Trust Everywhere Finding what lives between the alerts: Announcing Cisco Talos Threat Hunting From Log Flood to Threat Signal: Cisco and Splunk Bring Context to Modern Defense Cisco Secure Access and Microsoft Edge for Business Integration Why Network Segmentation Projects Fail: Four Patterns Cisco’s Risk-Based Vulnerability Disclosure in the Age of AI Enhancing Cisco Secure Email Gateway: Safer Clicks and Cleaner Files AI-generated reporting: Lessons learned from Cisco Talos Incident Response Inside the SOC: AI-powered DNS defense against ransomware Security Insights: A Threat-First View for the Platform That Enforces Access From Strategy to Architecture: How Cisco is Building a Quantum-Safe Future AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations Designing for What’s Next: Securing AI-Scale Infrastructure Without Compromise Preparing for Post-Quantum Cryptography: The Secure Firewall Roadmap Mobile World Congress 2026: AI-powered Network Security Powering MWC Barcelona – Building a Unified SOC and NOC with Splunk in Record Time AI-powered Network Security at the Mobile World Congress 2026 SNOC Inside the Mobile World Congress 2026 SOC: Detecting Shadow Traffic with Firepower 6100 Data Optimization in Security: A Splunk Architect’s Perspective Inside the Talos 2025 Year in Review: A discussion on what the data means for defenders Zero Trust for Agentic AI: Safeguarding your Digital Workforce The Agent Trust gap: What Our Research Reveals About Agentic AI Security Meet Your Incident Responders
Cisco Secure Access with MCP Infrastructure at Black Hat Asia 2026
Takashi Yamamoto · 2026-06-15 · via Security @ Cisco Blogs

Cisco has been a long-standing partner in securing Black Hat conferences worldwide, providing the critical network infrastructure that ensures safe connectivity for all attendees. At Black Hat Asia 2026, we continued this tradition while introducing significant enhancements to our security capabilities through innovative integrations.

DNS Security

Two instances of Cisco Secure Access DNS forwarders were deployed as virtual appliances, to serve as key network components and provide essential security for both network infrastructure and attendee devices. Throughout the event, the system successfully processed over 16 million DNS queries, identified and blocked more than 234,000 encrypted DNS requests under Black Hat policy for Network Operations Center visibility.

BH Asia 2026 secure access volume scaled

You can see the Year over Year statistics below.

DNS Requests via Cisco

The top DNS categories comparing 2024, 2025, and 2026 are shown below.

Black hat Asia 2026 top DNS Categories

App Discovery report revealed notable insights into application usage patterns. A total of 4,050 applications were identified across the network, with over 100 categorized as AI applications. Within this AI category, Cursor, Claude, and ChatGPT emerged as the top three most frequently accessed platforms, highlighting the increasing incorporation of AI technologies into professional workflows.

2025: 4,625 apps2024: 4,327 apps
2023: 1,162 apps2022: 2,286 apps
App Discovery

MCP Integration and Automation

Model Context Protocol (MCP) is a standardized protocol designed to enable AI applications and agents to interact with external tools, data sources, and workflows in a structured and dynamic way. One of the most significant innovations at this year’s event was the integration with MCP infrastructure to streamline SOC workflows. Traditional log analysis requires analysts to manually query log repositories. This a time-consuming and resource-intensive process that can delay threat detection and response. By developing a custom MCP server that enables seamless connectivity to Secure Access Reports API, we achieved real-time, conversational analysis of security events, significantly enhancing operational efficiency.

MCP Host

To further strengthen security posture, Cisco Secure Access MCP Gateway was implemented to enforce fine-grained access policies, ensuring that only authorized tools and personnel can interact with critical systems and sensitive information.

Claude code MCP host

Resource Connector

Cisco Secure Access Resource Connector was deployed to provide secure remote access to critical systems. Not all devices have built-in cloud management or VPN support. Resource Connector solves this problem by creating secure path to the target, which is accessible from public URL generated by Secure Access platform. Integration with Duo IAM ensured strong authentication takes place before access is allowed.

MCP gateway

Final Thoughts

The deployment at Black Hat Asia 2026 successfully demonstrated the evolution of network security through strategic integration of advanced security platforms, AI-powered automation, and zero-trust access controls. These innovations not only protected the conference infrastructure but also validated emerging security technologies in a high-stakes, real-world environment. The insights gained will inform future deployments and contribute to the ongoing development of more resilient security architectures.

Check out the other blogs from our team at Black Hat Asia 2026.

About Black Hat

Black Hat is the cybersecurity industry’s most established and in-depth security event series. Founded in 1997, these annual, multi-day events provide attendees with the latest in cybersecurity research, development, and trends. Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more. As the event series where all career levels and academic disciplines convene to collaborate, network, and discuss the cybersecurity topics that matter most to them, attendees can find Black Hat events in the United States, Canada, Europe, Middle East and Africa, and Asia. For more information, please visit www.Black Hat.com.


We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.

Cisco Security Social Media

LinkedIn
Facebook
Instagram