Cisco has been a long-standing partner in securing Black Hat conferences worldwide, providing the critical network infrastructure that ensures safe connectivity for all attendees. At Black Hat Asia 2026, we continued this tradition while introducing significant enhancements to our security capabilities through innovative integrations.
DNS Security
Two instances of Cisco Secure Access DNS forwarders were deployed as virtual appliances, to serve as key network components and provide essential security for both network infrastructure and attendee devices. Throughout the event, the system successfully processed over 16 million DNS queries, identified and blocked more than 234,000 encrypted DNS requests under Black Hat policy for Network Operations Center visibility.
You can see the Year over Year statistics below.
The top DNS categories comparing 2024, 2025, and 2026 are shown below.
App Discovery report revealed notable insights into application usage patterns. A total of 4,050 applications were identified across the network, with over 100 categorized as AI applications. Within this AI category, Cursor, Claude, and ChatGPT emerged as the top three most frequently accessed platforms, highlighting the increasing incorporation of AI technologies into professional workflows.
| 2025: 4,625 apps | 2024: 4,327 apps |
| 2023: 1,162 apps | 2022: 2,286 apps |
MCP Integration and Automation
Model Context Protocol (MCP) is a standardized protocol designed to enable AI applications and agents to interact with external tools, data sources, and workflows in a structured and dynamic way. One of the most significant innovations at this year’s event was the integration with MCP infrastructure to streamline SOC workflows. Traditional log analysis requires analysts to manually query log repositories. This a time-consuming and resource-intensive process that can delay threat detection and response. By developing a custom MCP server that enables seamless connectivity to Secure Access Reports API, we achieved real-time, conversational analysis of security events, significantly enhancing operational efficiency.
To further strengthen security posture, Cisco Secure Access MCP Gateway was implemented to enforce fine-grained access policies, ensuring that only authorized tools and personnel can interact with critical systems and sensitive information.
Resource Connector
Cisco Secure Access Resource Connector was deployed to provide secure remote access to critical systems. Not all devices have built-in cloud management or VPN support. Resource Connector solves this problem by creating secure path to the target, which is accessible from public URL generated by Secure Access platform. Integration with Duo IAM ensured strong authentication takes place before access is allowed.
Final Thoughts
The deployment at Black Hat Asia 2026 successfully demonstrated the evolution of network security through strategic integration of advanced security platforms, AI-powered automation, and zero-trust access controls. These innovations not only protected the conference infrastructure but also validated emerging security technologies in a high-stakes, real-world environment. The insights gained will inform future deployments and contribute to the ongoing development of more resilient security architectures.
Check out the other blogs from our team at Black Hat Asia 2026.
About Black Hat
Black Hat is the cybersecurity industry’s most established and in-depth security event series. Founded in 1997, these annual, multi-day events provide attendees with the latest in cybersecurity research, development, and trends. Driven by the needs of the community, Black Hat events showcase content directly from the community through Briefings presentations, Trainings courses, Summits, and more. As the event series where all career levels and academic disciplines convene to collaborate, network, and discuss the cybersecurity topics that matter most to them, attendees can find Black Hat events in the United States, Canada, Europe, Middle East and Africa, and Asia. For more information, please visit www.Black Hat.com.
We’d love to hear what you think! Ask a question and stay connected with Cisco Security on social media.
Cisco Security Social Media
