Episodes
-
Security professionals often have an impulse to want to move on to the next new thing. While that can be helpful in a field that thrives on change, it can also make it hard to focus on routine tasks and mundane (yet essential) security controls and practices. Whether this impulse is due to varying degrees... Read more »
-
This episode was recorded live at Security Field Day (XFD) 12 in October, 2024. As delegates at the event, JJ and Drew heard presentations from DigiCert, Dell Technologies, SonicWall, and Citrix. These presentations covered topics including digital certificate management, post-quantum cryptography, supply chain security, recovering from ransomware, Zero Trust Network Access (ZTNA), and Secure Service... Read more »
-
Missing episodes?
-
Today’s Packet Protector rounds up recent security news, including revised password guidelines from NIST, a White House push to help fill infosec jobs, and potential espionage risks from Chinese-made cranes being used at US ports. We also cover a hospital data breach that leaked nude patient photos, discuss why municipal governments are rich targets for... Read more »
-
Industrial Control Systems (ICS) and Operational Technology (OT) used to stand apart from traditional IT. But those worlds are converging, and IT pros, including infosec teams and network engineers, need to become familiar with the operational challenges and quirks of ICS/OT systems. On today’s Packet Protector, guest Mike Holcomb demystifies ICS and OT for IT... Read more »
-
Today on the Packet Protector podcast we talk with sponsor Juniper Networks about how to simplify the complexity that affects network and cybersecurity teams alike. From tool sprawl to floods of data, complexity bedevils operations and troubleshooting. We talk about what Juniper brings to the table for networking and security professionals to help them do... Read more »
-
The terms “AI” and “machine learning (ML)” get thrown around pretty regularly in IT and cybersecurity. On today’s Packet Protector we get an introduction to AI and ML to help you ask the right questions when vendors tout their latest AI-infused products. Our guest is Jeff Crume, a distinguished engineer and cybersecurity architect at IBM.... Read more »
-
Today on Packet Protector we get into BGP security. BGP is an essential protocol for directing traffic across the Internet, but it wasn’t designed with bad actors in mind, not to mention plain old configuration mistakes. Without additional controls in place, BGP is susceptible to issues such as route leaks and route hijacks that can... Read more »
-
Today on Packet Protector we look at cloud firewall architectures. If you’ve deployed firewalls in the campus or a data center, it’s useful to know that there are differences in the public cloud. We’ll dive into what you need to know, including deployment options, the role of high availability in public cloud, selecting the right... Read more »
-
Today’s Packet Protector is an all-news episode. We cover the Volt Typhoon hacker group exploiting a zero-day in Versa Networks gear and a multitude of vulnerabilities in Zyxel network products. We also debate whether Microsoft’s endpoint security summit will be more than a public relations exercise, a serious backdoor in RFID cards used in offices... Read more »
-
On today’s Packet Protector we talk about how to talk about security objectives in ways that resonate with business and non-technical leaders in your organization. Tying security objectives to business outcomes can help you maintain (or increase) budgets, build trust and credibility with executives, and better align your risk management efforts with the organization’s broader... Read more »
-
IT tends to divide itself by job function and technological specialization, especially as technology gets more complex. However, each IT domain is part of a larger system, and these systems require coordination and cooperation to operate effectively. On today’s Packet Protector we look at how and why Security Operations (SecOps) and Network Operations (NetOps) should... Read more »
-
Smartphones use Wi-Fi based Positioning Systems (WPSes) to collect data about nearby Wi-Fi access points and other wireless devices to help determine the phones’ geographic location. Researchers at the University of Maryland show how WPSes from Apple and Google can be used for mass surveillance of access points and, potentially, owners and users of those... Read more »
-
Remote work is now a norm. And whether it’s a day or two at home every week, or relocating overseas so you can log in to the office from an Italian piazza or a beach in Thailand, there are lots of opportunities to do our jobs outside traditional workplaces. On today’s Packet Protector, we look... Read more »
-
On today’s Packet Protector we answer listener questions about Wi-Fi security with guest Stephen Orr. Stephen is Chair of the Security Technical Task Group for the Wi-Fi Alliance and a Distinguished Solutions Engineer at Cisco. Questions include what recommendations Stephen would make for using multiple SSIDs vs. role-based device segmentation, what he sees as the... Read more »
-
In the wake of one of the largest global IT outages, resiliency is the theme of today’s show. We dig into the CrowdStrike debacle as well as an Azure outage that kinda flew under the radar. We also look at the Resiliency Planning Framework Playbook from CISA and other frameworks for building resilient infrastructure. We... Read more »
-
From an SSID confusion exploit to a RADIUS attack to a critical vulnerability in a Windows Wi-Fi driver, the past several months have seen multiple attacks and exploits targeting the wireless realm. On today’s Packet Protector podcast we talk with Wi-Fi security expert Stephen Orr to get his take on the severity of these issues,... Read more »
-
Third-party test labs can help buyers make decisions about which products to purchase. While a testing lab can’t mimic the conditions of your specific production environment, it can assess a product’s fundamental capabilities and measure throughput, performance, and–in the case of security devices–effectiveness against a test suite of malware or attack techniques. On today’s episode... Read more »
-
It’s an all-news episode for this week’s Packet Protector podcast. We cover critical vulnerabilities in the MOVEit file transfer software and in thousands of ASUS routers, and a remote code execution vulnerability in a Windows wireless driver that you really should patch. We discuss a Wall Street Journal article about how AI tools are helping... Read more »
-
If you care about nutrition, you check the ingredients of your food. If you care about your IT infrastructure, you check the Software Bill of Materials (SBOM) of the tech. At least that’s the future that Thomas Pace hopes for. Right now, SBOMs aren’t super common and software transparency is very low. Thomas walks us... Read more »
-
Today we discuss how to secure your all-powerful root accounts on the three major public cloud providers: AWS, Azure, and GCP. Our guests today, Ned Bellavance and Kyler Middleton from the Day Two Cloud podcast (soon to be Day Two DevOps podcast), describe the struggle of securely managing several root accounts at once. They take... Read more »
- Show more
