APRICOT 2026 in Jakarta brought together one of the most technically sharp and operationally focused Internet communities we’ve seen this year. As Asia Pacific’s largest Internet operations conference, APRICOT continues to be a place where engineers, operators, researchers, and policy communities meet to exchange very practical knowledge about running and protecting real networks at scale. The nine-day summit, co-organised by APNOG and APNIC and local host APJII, covered everything from routing security and DNS operations to network performance, peering, and emerging infrastructure challenges across the region.
The FastNetMon team attended the conference part of the event, from the Sunday social through to the Wednesday closing social, focusing on connecting with operators across the region, as well as attending sessions around DDoS, routing security, network visibility, and operational security.
A strong start: community, history, and the future Internet
The ISOC social set the tone for the week. While small and intimate event, the conversations were open, practical, and strongly community-driven, which is something APRICOT consistently does well. It felt less like a vendor-heavy conference and more like an operator-first environment where people are comfortable sharing real production lessons.
On Monday, the opening sessions balanced future-looking themes with deep historical context. Jim Cowie’s Internet History Initiative keynote highlighted the importance of preserving operational knowledge and Internet data history, while broader conference themes explored how AI is reshaping infrastructure and operations.
Across plenary and SIG sessions, we saw strong participation from global ecosystem organisations including APNIC, ICANN, and the RIR community, reinforcing how tightly coupled policy, routing security, and real-world network operations are in the Asia Pacific region.
Routing, security, and DDoS: operational reality over theory
For FastNetMon, the most relevant content sat in routing security, DNS, and operational security sessions.
Dave Phelan’s talk on DDoS in Indonesia — has it improved stood out as a grounded regional view of attack trends and mitigation realities. This kind of operator-level regional analysis is exactly what helps teams understand how threat landscapes differ between regions and infrastructure maturity levels, and Dave’s insights on mitigation were also spot-on.
Routing security discussions were equally strong. Sessions covering RPKI, ASPA development, and post-ROV attack scenarios showed how the community is moving from theory into deployment and operational tooling. The Routing Security SIG discussions reinforced how adoption is progressing across APAC and how operators are approaching validation, policy enforcement, and automation.
From a visibility and measurement standpoint, Randy Bush’s session on debugging routing and forwarding using RIPE Atlas demonstrated how distributed measurement continues to be essential for troubleshooting complex interdomain behaviour.
The security track also highlighted the operational reality of defence-in-depth. Sessions and training tracks focused on device security, routing protocol protection, DNSSEC, threat detection, and incident response practices for real production environments, not just theoretical frameworks.
IPv6, DNS, and the operational Internet at scale
IPv6 deployment and measurement continued to be a major theme. Case studies on large-scale IPv6-first deployments and scanning methodologies showed how the transition is no longer experimental in many parts of APAC, but operational and business-critical.
DNS sessions led by speakers such as Geoffrey Huston and Shaila Sharmin focused on resolver behaviour, DNSSEC deployment journeys, and multilingual Internet enablement. These topics are particularly relevant in APAC, where language diversity and scale introduce very different operational constraints compared to other regions.
The consistent theme across these sessions was operational pragmatism: what works in production, what breaks, and how teams are fixing it.
The APAC operator community: technically sharp and genuinely welcoming
One thing that stood out throughout APRICOT was the quality of the people. The technical level was extremely high, but the environment stayed approachable and collaborative. Conversations moved easily from deep protocol discussions into practical deployment lessons, and then into social events without losing that strong sense of shared purpose.
We were also invited to a large number of regional NOG communities across Asia Pacific. The NOG reports session alone showed how active and diverse the regional operator ecosystem is, from well-established groups to fast-growing newer communities. It is very clear that knowledge sharing in APAC does not happen once a year at a single conference — it is continuous, local, and extremely operationally focused. We fully intend to attend as many regional NOG events as possible moving forward.
Post-conference musings
From a FastNetMon perspective, APRICOT is not just a regional event. The Asia Pacific region is one of the fastest-growing Internet markets in the world, with very different infrastructure constraints, threat models, and deployment realities compared to Europe or North America.
You see earlier adoption of some technologies, different attack patterns, and often extremely creative engineering solutions driven by geography, scale, and cost constraints. That makes APRICOT an important place to come to listen and learn.
The week in Jakarta confirmed something we already suspected: FastNetMon needs to spend more time in the Asia Pacific region. The conversations around DDoS, network visibility, routing security, and operational tooling were highly relevant, and we met operators facing challenges that map directly to what we’re building.
We are already planning to participate in more regional events and deepen our engagement with the APAC network operator community. The next few years will be extremely interesting for Internet infrastructure development across the region.