Threat Hunting in the Black Hat NOC is like “finding needles in a needle stack,” said Mark Overholser as we all stared at this massive ice cream that James Pope ordered.
The Sophos Central Network Map shows a unified view of your connected Sophos Firewall, Switches, and AP6 access points. This helps you to visualize the topology of your infrastructure, search for devices, and navigate the relationships between your network devices across your entire account.
One of the many interesting things we stumble across in the Black Hat NOC (Network Operations Center) is the various applications exhibiting poor security hygiene. Usually it’s something in the clear that makes us chuckle before we move on to more serious matters. Sometimes it’s something more serious that requires letting an attendee know they’re leaking sensitive information.
Built for a threat landscape reshaped by AI, Sophos Fusion unites security operations, endpoint, network security, identity, email, and cloud into one defense system that prevents, detects, investigates, and responds at AI speed.
The State of Ransomware 2026: Payments are dropping but encryption is climbing Insights from 2,158 IT and cybersecurity leaders across 17 countries whose organizations were hit by ransomware in the past year. This year's data has a few eyebrow-raising departures from the patterns of past State of Ransomware reports. Exploited vulnerabilities lost their three-year grip on the top root-cause spot. Median ransom demands and payments both dropped, yet the average recovery bill still climbed.
On July 14, 2026, SonicWall disclosed two vulnerabilities in SonicWall SMA1000 appliances. Models 6210, 7210, and 8200v are affected. CVE-2026-15409 is a critical (CVSS score of 10.0) unauthenticated server-side request forgery (SSRF) flaw that allows an attacker to force the appliance to make requests to unintended destinations.
The stack had a good run. Defense systems are the future. Introducing Sophos Fusion, the industry’s most complete AI-Native Cybersecurity Defense System. Something shifted in late 2025 that I don't think our industry has fully reckoned with yet.
Whenever I come back from a Black Hat NOC, people always ask the same question: “So, what did you see?!” They understand how unique it is to have access to the detailed logs generated by an NDR overseeing the network traffic of a conference with thousands of attendees. There is always something to see. There are always stories that come out of the packets; those stories evolve into patterns, and the patterns offer the gift of lessons.
Sophos Fusion is the industry’s most complete cyber defense system. It sees everything, connects everything, and enables your defenses to respond as one. In this real-world example, see how Sophos Fusion stopped a wire fraud attack using telemetry from multiple security vendors.