In this episode, we're asking the question: "What Lurks Beneath?" We're joined by Mark Overholser, a Technical Marketing Engineer at Corelight who's part of the team running the Black Hat Network Operations Center (NOC). We discuss the incident during Black Hat 2025 that introduced us and revealed the team's proactive approach to protecting every guest from the unseen threats hiding in the shadows. Mark gives us an insider’s look at the philosophy and challenges behind building a robust network for a security conference, which includes the complex infrastructure provided by partners like Arista, Cisco, Palo Alto Networks, and Lumen.

We then dive into memorable network incidents and how they apply to any modern organization. Mark shares key insights on how to balance a permissive network with robust security, how they identify legit traffic from the digital monsters in training labs, and the crucial role of network alerts (IDS/IPS) in stopping attacks before they become full-blown nightmares. He'll also share some scary stories, including an infected presenter, a leaked company org chart, and people accessing their NASes in the clear. Get ready for a frightfully insightful discussion on network security.