Working at the Black Hat Network Operations Center (NOC) as a data scientist makes me a bit of an outlier (pun intended) among network engineers and hard-core threat hunters.

With the holiday season all wrapped up (pun definitely intended), I finally have time to sit down and digest what we saw in the network traffic at Black Hat Europe 2025 while working alongside the other Network Operations Center (NOC) partners: Arista, Cisco, Jamf, and Palo Alto Networks. As usual, there is a mix of the expected, a dash of the unexpected, and some lessons for newcomers and greybeards alike. Let’s get into it.

Here on the Ignyte blog, we talk a lot about general information security frameworks like ISO 27001 and government frameworks like CMMC and FedRAMP. But that doesn’t mean that’s all we understand. One of the most broadly used security standards in the world is PCI DSS. The Payment Card Industry Data Security Standard is the standard that must be upheld by any and all entities that handle, process, or store cardholder data and authentication data for payments.

A recent report of a solicitor facing regulatory investigation after uploading client documents into ChatGPT is not an isolated incident. It is a visible symptom of a broader structural issue unfolding across highly regulated industries. Legal professionals operate under strict duties of confidentiality, and yet the tools reshaping their workflows are being adopted faster than governance and operational controls can keep pace. The challenge is not whether AI should be used in legal practice.

LimaCharlie's SecOps Cloud Platform is built around a simple idea: everything connects via API. That includes AI. Rather than locking you into a proprietary and limited AI SOC, LimaCharlie lets you bring your own LLM and put it to work directly inside your security environment. With LimaCharlie, AI can execute operations across your detections, sensors, and integrations. Because LimaCharlie operates entirely via API, every AI action is transparent and auditable.

When we think of spring, we think of things in bloom; flowers, ideas, maybe even hope for the snow to melt here in our US headquarters Boston, MA. But regardless of the snow, we've chosen to embrace the idea of spring and letting your workflow creativity grow! What better way to let that creativity shine than with another round of You Did WHAT With Tines?! (YDWWT) For the Spring 2026 round of YDWWT, we want to know what your team can achieve with a Tines workflow.

The traditional model to outsource penetration testing was to engage a consultant to perform a once-a-year test, receive a lengthy PDF report, and then start the cycle again. This model today means something quite different: organizations are hiring external security professionals as continuous partners who constantly test, integrate into development pipelines, and deliver results in real time. It has grown from a check-the-box compliance activity to an integral part of a serious security program.