Inside the SOC at RSAC : Cisco and Endace Join Forces to Safeguard Cybersecurity

By /

The RSAC™ 2025 Conference is once again placing cybersecurity at the forefront, and this year, Cisco and Endace are teaming up to power the Security Operations Center (SOC). With a cutting-edge mix of tools, platforms, and intelligence, they’re securing the Moscone Center’s wireless network, protecting attendees, and offering a real-time look at how modern cybersecurity operations work in the field.

The SOC at RSAC is more than just a watchtower; it’s an immersive experience into the technologies and strategies used by cybersecurity professionals. It offers both high-level monitoring and deep-packet analysis, combining Cisco’s powerful cloud and AI-based security tools with Endace’s proven data capture and integration technologies. This collaboration showcases not only the power of modern threat defense but also how coordinated security ecosystems can tackle complex cyber challenges in real time.

SOC Highlights at RSAC™ 2025 (30-line Summary)

  • Cisco and Endace are leading security operations at the RSAC™ 2025 Conference.
  • The SOC monitors the Moscone wireless network, scanning for any signs of security threats.
  • At its core, the SOC uses Cisco Security Cloud—a comprehensive platform integrating:

– Breach Protection Suite

– User Protection Suite

– Secure Firewall

  • The platform runs on Splunk Enterprise Security, giving SOC teams deep visibility.
  • For real-time insights, ThousandEyes is deployed for network observability.
  • Threat intelligence comes from Cisco Talos and key partners:

– Pulsedive

– alphaMountain.ai

  • Cisco’s Cloud Protection Suite safeguards the SOC’s own cloud infrastructure.
  • AI Defense and Identity Intelligence further enhance proactive security measures.
  • Endace brings its full-packet capture solutions into play, seamlessly integrated with:

– Cisco XDR

– Secure Network Analytics

– Splunk

  • These integrations allow forensic-level incident analysis and faster threat response.

– The collaboration is a result of

  • Daily guided tours of the SOC are available:

– April 29: 10:10am, 3:00pm, 4:30pm

– April 30: 10:10am, 3:00pm, 5:00pm

– May 1: 10:10am, 1:00pm

  • Visitors are invited to meet outside the SOC at Moscone South Hall a few minutes early for a briefing.
  • Only an Expo Pass is required to join these tours.
  • An out-briefing session will present key takeaways from this year’s SOC operations:

– PROTECTED: The 6th Annual Findings Report

  • Held in Moscone West, 1:30PM, duration: 50 minutes

– Requires full conference pass

  • Cisco encourages engagement via its social media channels:

– Instagram, Facebook, Twitter, LinkedIn

  • Participants and attendees are urged to ask questions, comment, and stay connected.
  • The 2024 SOC findings report is also available for reference.
  • Cisco and Endace are reinforcing their commitment to transparency and education in cybersecurity.
  • The RSAC SOC continues to serve as both a protective layer and a learning hub for security professionals.

What Undercode Say: (40-line Analytical Insight)

The RSAC™ 2025 SOC initiative, powered by Cisco and Endace, represents a significant leap in live-event cybersecurity strategy. It’s no longer enough to have static defenses; in a conference environment with thousands of connections, devices, and sensitive communications, the defense must be dynamic, adaptive, and deeply integrated.

At the heart of this operation is Cisco’s multi-layered security stack. The Security Cloud, combining breach and user protection suites with AI-powered threat detection, provides a holistic defense framework. What’s crucial here is the interoperability between these tools. Instead of fragmented platforms, Cisco consolidates functions into a centralized system—reducing latency in threat identification and response.

Splunk Enterprise Security acts as the command center, collecting and correlating vast streams of data in real time. This setup gives security teams a real-time dashboard into the network’s health, allowing for rapid incident investigation and response. ThousandEyes further enhances visibility, diagnosing performance issues that may masquerade as security threats or vice versa.

References:

Reported By: blogs.cisco.com
Extra Source Hub:
https://www.reddit.com
Wikipedia
Undercode AI

Image Source:

Pexels
Undercode AI DI v2

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image