What if your firewall could detect and block malicious files before they finish downloading, without slowing your network down? HPE Threat Labs has made this a reality. In this RSAC 2026 Conference interview with Mounir Hahad, who heads up HPE Networking Threat Labs, we go into some of the details of what that means.
Hahad sits down with us to explain the architecture behind the company’s AI-powered security approach that operates at firewall speed. We had a rather detailed technical discussion about machine learning models, predictive threat intelligence, and how HPE is addressing security challenges that most organizations haven’t even recognized yet.
The conversation begins with the formation of HPE Threat Labs from the merger of Juniper and HPE security teams, but quickly moves into more technical territory. You’ll discover how the new SRX400 Series Firewall runs the exact same software as carrier-grade enterprise systems, why that matters for SMB security, and what “powered by HPE Threat Labs” actually means in practical terms.
The technology behind it
The interview dives deep into HPE’s machine learning architecture. Hahad explains where ML models run, how frequently they update, and why the system can make blocking decisions before malicious files completely transfer.
You’ll learn about the timeline for threat intelligence effectiveness, and that some indicators remain valuable for months before attacks execute. This has interesting implications for how we think about the speed required for threat detection and opens up new approaches to proactive defense.
Key insights
- The architectural differences between on-device and cloud-based ML security processing
- How predictive threat intelligence identifies attack infrastructure during preparation phases
- Why zero-day detection doesn’t require examining entire malware samples
- The real performance impact of ML-based security
- How long ML models remain effective before requiring updates
- The specific data sources HPE combines for predictive intelligence
- Why east-west data center traffic presents unique AI security challenges
- How network fabric integration enables security without dedicated appliances
Beyond firewall features
This interview goes beyond product announcements to explore the strategic thinking behind HPE’s security approach. Hahad discusses the philosophy of treating the network fabric itself as a security solution rather than bolting security onto existing infrastructure. You’ll understand how switches and routers participate in threat response, and why this integration matters more as organizations deploy AI workloads.
The conversation addresses questions about whether current security approaches can keep pace with AI-accelerated threats. Hahad’s responses reveal both the challenges and HPE’s specific technical strategies for staying ahead. If you’re concerned about securing generative AI deployments or agentic workflows, the final section of this interview provides perspectives you won’t find in a product documentation.