Where Edge Targeting Concentrated — And Where Defenses Have Measurable Gaps

New GreyNoise research quantifies what's actually hitting edge infrastructure — and the findings challenge common assumptions about where defenses are strongest:

• 52% of remote code execution attempts came from IPs with no prior GreyNoise history.
• A 300,000-IP residential botnet — 73% residential — grew 150x in 72 days.
• Pre-2015 CVEs generated 4x more exploitation traffic than 2023-2024 CVEs (largely driven by one 26-year-old vulnerability).

Join GreyNoise's Founder, VP of Data Science and Research, and Director of Intelligence as they break down key findings from the 2026 GreyNoise State of the Edge Report.

You'll learn:

• Where edge targeting concentrated — from Palo Alto GlobalProtect absorbing 16.7 million sessions to emerging campaigns against AI/LLM inference servers
• Why reputation-based blocking and recency-focused patching leave measurable gaps — and why behavioral detection deserves a larger role
• How ASN-level and fingerprint-based clustering collapses thousands of attacker IPs into a handful of actionable blocking decisions

Who should attend:

• CISOs and Security Leaders — Benchmark your edge security posture against 162 days of internet-scale exploitation data.
• SOC and Threat Intelligence Teams — Learn clustering techniques that turn volume into signal.

• Vulnerability Management Teams — Understand why patching recency bias creates persistent exposure and how to prioritize based on actual exploitation patterns.