❌

Reading view

SharpHound Recon Attack – How AI enhanced the threat hunt

During the Cisco Live Americas 2026 Agentic SOC, we discovered and investigated suspicious LDAP activity both manually and with the assistance of AI. This helped us understand how the Agentic SOC can improve the threat-hunting process.
  •  
  •  

Uplevelling Black Hat Threat Hunters

Once you ingest major telemetry sources, how can we add value for our Threat Hunters? Check out how we brought in potentially malicious sandbox submissions to the analysts’ queue for triage.
  •  
  •  
  •  

From Flood to Focus: Finding Signal in an β€œOverflow Attempt” Alert Storm

Cisco XDR, Splunk, Cisco Secure Firewall, and Endace (Zeek) were used to investigate a spike in security alerts at Cisco Live EMEA, quickly distinguishing genuine threats from environmental noise through correlated incident analysis and network context.
  •  
❌