Exclusive Data Breakthroughs
Be the first to explore new intelligence we’ve never shared before — built to power the next wave of security innovation.

Meet Us Where Things Are Happening: In Our On-Floor Meeting Room
We’re unveiling new exclusive intelligence — never shared publicly — in our private Meeting Room Lounge (BMR6403) at the Mandalay Bay Convention Center, steps away from the booth area.
Join our executive team for focused conversations tailored for product leaders shaping the future of cybersecurity.
Be the first to explore new intelligence we’ve never shared before — built to power the next wave of security innovation.
Meet in a private, quiet space for focused, no-fluff discussions tailored to your product roadmap.
See our latest APIs, enrichment layers, and tools in action with insights you won’t find in public documentation.
We’re unveiling what’s next. If you’re not in the room, you’re not in the loop.

🔬 A look inside the research with Ed Gibbs ![]()
Attackers are now using AI to spin up malicious domains and phishing infrastructure faster than teams can track them, and detection is only as strong as the data behind it. Ed shares how WhoisXML API surfaces that infrastructure early and turns it into the domain, DNS, and IP intelligence that keeps detection ahead of the curve, along with a candid look at what WhoisXML API is building next.
🚀 This session follows two investigations: Internet-wide reconnaissance against enterprise firewalls, and North Korea's external Internet footprint, with Alex Ronquillo ![]()
Using observations from the WXA Internet Abuse Signal Collective (IASC), we'll show how global NetFlow sampling across major IXPs captured FortiBleed reconnaissance without relying on sinkholes or honeypots. You'll see:
From global firewall scanning to Pyongyang's piggybacked connectivity, this talk turns Internet abuse signals into evidence of attacker infrastructure, victim exposure, and hidden physical networks.

WhoisXML API delivers the domain, DNS, and IP intelligence trusted by cybersecurity teams building next-generation products. With over 15 years of experience and recognition from Inc. 5000 and the Financial Times, we support leading security companies, threat intel teams, and national security agencies worldwide. Our data powers detection, enrichment, attribution, and prevention at scale. We deliver much more:
historic WHOIS records
domains and subdomains
DNS records
IP netblocks, covering 99.5% of IPv4/IPv6
Our team of solution-focused professionals.

Our dedicated space is right on the event floor, just steps from the booth area, room BMR6403 — no hassle, free from the noise and private.
Step into a comfortable setting for real conversations with our team — from new data capabilities to what’s coming next from WhoisXML API. It’s your space for clarity, strategy, and connection just around the corner.

Whether you're aiming to strengthen your intelligence workflows, explore WhoisXML API’s capabilities, or dive into specific challenges your team is facing, this is your chance to speak directly with our executives during BlackHat USA 2026.
We’ll be in Las Vegas on Tuesday, Wednesday, and Thursday. Submit the form to schedule an insightful, private conversation.