They say what happens in Vegas stays in Vegas—but this year, we couldn’t keep the latest in cybersecurity to ourselves.
Though it wasn’t our first time attending Black Hat USA (we’re no strangers to the neon lights and desert heat), our anticipation was high when we landed at LAS. We couldn’t wait to get to the show, connect with security professionals, learn more about where the industry is headed, and put our own solutions to the test.
And this year’s conference didn’t disappoint.
Inside the Mandalay Bay Resort, the show floor mirrored the Las Vegas Strip: packed with towering booths, vibrant designs, and lights illuminating every corner of the conference hall. Every aisle was brimming with energy, lively conversations, and the latest in security tech.
Here are the key takeaways from the event.
All about model context protocol (MCP) and agentic workflows
A couple of years ago, we discussed how artificial intelligence had become a hot topic at Black Hat USA. Large language models (LLMs), which had suddenly burst on the scene, introduced new challenges for infrastructure due to their heavy resource use, long latencies, and the new security considerations they brought.
The main question attendees had wondered was, “How can we integrate these technologies without opening new vulnerabilities?” This year, the conversation shifted, narrowing in focus to two concepts: model context protocol (MCP) and agentic workflows.
The model context protocol is a standardized communication layer that connects AI applications with databases, tools, and templates, enabling faster, more contextual responses. As a universal, open standard, MCP reduces fragmentation and streamlines integration between LLMs and services. MCP allows AI models and agents to share context, enabling agentic workflows wherein multiple AI agents autonomously perform tasks on behalf of a user or a system.
So, how do you manage and secure these complex, multi-agent systems? This is where HAProxy One comes in, operating as an MCP gateway that acts as the network edge for managing AI traffic for MCP servers.
HAProxy is already familiar with MCP. In our HAProxyConf 2025 panel, “Navigating rapid change in IT: Trends and transformations,” we explored how the adoption of MCP is impacting modern infrastructure. The general sentiment was that while MCP traffic is relatively new, the core infrastructure requirements remain largely unchanged. In other words, many of the capabilities that keep traditional APIs fast, resilient, and secure—such as rate limiting and authentication—are still key components for MCP traffic management.
This means that the foundational load balancing and security principles that HAProxy One embodies still apply to MCP traffic and agentic workflows. Acting as a defensive bulwark in front of your AI infrastructure, HAProxy One provides observability, authorization, and A/B testing; prevents requests from overwhelming MCP servers; and facilitates rapid response delivery—while providing your entire infrastructure with next-gen security features.
The fundamentals still matter
Even as technology evolves, the basic requirements for app delivery remain the same—including scalable and reliable security. Our conversations with attendees always circled back to the fundamental layers, such as web application firewall (WAF), bot management, and DDoS protection.
From defending against the OWASP Top 10, to stopping malicious bots and unwanted crawlers, these tools offer frontline protection against malicious threats. And while some vendors offer solutions to these problems, HAProxy Technologies stands out from the rest with its authoritative approach:
Authoritative across the data plane, control plane, and global edge network. HAProxy One combines a flexible data plane (HAProxy Enterprise or HAProxy ALOHA), a scalable control plane (HAProxy Fusion), and a secure edge network (HAProxy Edge). Together, these components enable multi-cloud load balancing as a service (LBaaS), web app and API protection, API/AI gateways, Kubernetes networking, application delivery network (ADN), and end-to-end observability.
Unified multi-layered security and modern app delivery. HAProxy One consolidates application delivery, traffic management, and advanced security layers into one powerful solution. Simplify complex infrastructure, reduce costs, and enforce consistent protection and observability for every application at the edge.
Ultra-low latency. Threat detection happens in microseconds, ensuring security policies are enforced near-instantly while keeping your application fast and responsive.
Industry-leading WAF accuracy—without compromise. HAProxy Enterprise WAF achieves a 99.61% true-positive rate, 97.45% true-negative rate, and 98.48% balanced accuracy—virtually eliminating false positives and false negatives.
Powered by threat intelligence, enhanced by machine learning. Our data science team uses the threat intelligence data provided by HAProxy Edge to train our security models with machine learning, resulting in extremely accurate and efficient detection algorithms for bots and other threats—without relying on static lists and regex-based attack signatures. We use these algorithms to power the security layers in HAProxy One—without sending customer data or live traffic offsite—so you get highly accurate detection with zero privacy concerns.
At the center of HAProxy One is HAProxy Fusion, the unified control plane that gives teams a single, clear view of traffic patterns, security threats, load balancer performance, and server health. With the new Security Control Plane (coming soon), HAProxy Fusion orchestrates HAProxy Enterprise’s multi-layered security capabilities, including the HAProxy Enterprise Bot Management Module, HAProxy Enterprise WAF, CAPTCHA Module, and flexible building blocks such as the Global Profiling Engine (GPE), ACLs, allow-lists and deny-lists, and GeoIP.
Centralized security policy provides consistent full-spectrum protection across a distributed edge.
Security profiles make it simple to deploy security policies to clusters of HAProxy Enterprise nodes.
Threat-response matrix is an intuitive visual policy builder that enables administrators to combine signals and responses, leveraging all of HAProxy Enterprise’s multi-layered security capabilities.
And, just like with MCP and agentic workflows, the lesson is the same: the fundamentals still matter. Whether you’re protecting against a distributed denial-of-service attack (DDoS) or blocking malicious bots, HAProxy’s 20-plus-year history of performance, reliability, and flexibility ensures your applications stay fast and highly available, even as your infrastructure evolves.
Beyond security: memorable connections and HAProxy goodies
Black Hat wasn’t all about the technical details—it was also about people. It was a privilege to connect with so many interested security professionals at our booth. We're grateful to everyone who stopped by to discuss the future of AI, the importance of foundational security, and their own experiences with HAProxy.
Those who said “hello” took away HAProxy T-shirts, hats, frisbees, and Loady elephant plushies, ensuring attendees’ suitcases were packed even tighter on the way out of Las Vegas than on the way in. If you missed us at Black Hat, don’t worry—you can pick up some swag at one of our upcoming events.
Want to win a $100 Amazon gift card with your new HAProxy swag? Enter our contest for a chance to win—more details here.
Subscribe to our blog. Get the latest release updates, tutorials, and deep-dives from HAProxy experts.
