

Packet Protector
Packet Pushers
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Protector is your go-to cybersecurity resource.
Episodes

Oct 7, 2025 • 48min
PP081: News Roundup – BRICKstorm Backdoor Targets Network Appliances, GitHub Unveils Supply Chain Defense Plans
From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages...

Sep 30, 2025 • 45min
PP080: The State of OT Risks in 2025 (and What to Do About Them)
What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations...

Sep 23, 2025 • 58min
PP079: Rethinking the Architecture of Microsegmentation
Philip Griffiths, Head of Strategic Sales at NetFoundry and a prominent voice in Cloud Security Alliance, dives deep into the intricacies of microsegmentation. He defines it as isolating workloads for enhanced security and links it to Zero Trust principles like continuous authentication and identity enforcement. Philip discusses the importance of starting with protect surfaces for implementing microsegmentation effectively. He also explores the potential of eBPF for real-time visibility and shares visions of identity-embedded applications for the future.

Sep 16, 2025 • 49min
PP078: Using Free Tools for Detection Engineering
You can build effective, scalable detection pipelines using free and open-source tools like Zeek, Suricata, YARA, and Security Onion. Today on Packet Protector we welcome Matt Gracie, Senior Engineer at Security Onion Solutions — the team behind the open-source platform used for detection engineering, network security monitoring, and log management. Matt has over 15 years...

Sep 9, 2025 • 37min
PP077: News Roundup–Drift Breach Has Long Reach; FCC Investigates Its Own IoT Security Program
Is any publicity good publicity? On today’s News Roundup we talk about how Salesloft, which makes the Drift chat agent that’s been used as a jumping-off point for credential harvesting and data breach attacks against a bunch of big-name companies, is testing that proposition. We also discuss bugs affecting industrial refrigeration controllers, and Microsoft making...

Sep 2, 2025 • 60min
PP076: RF Risks and How to See Unseen Threats
Our airwaves are alive with radio frequencies (RF). Right now billions of devices around the world are chattering invisibly over Wi-Fi, Bluetooth, Zigbee, and other protocols you might not have heard of. On today’s show we peer into the invisible world to better understand the RF threat environment. Our guest is Brett Walkenhorst, CTO of...

Aug 19, 2025 • 44min
PP075: Kernel Vs. User Mode In Endpoint Security Software
Microsoft is rethinking allowing endpoint security software to run in the Windows kernel (including third-party and Microsoft’s own endpoint security software). While there are benefits to running security software in the kernel, there are also serious downsides (see the CrowdStrike outage). Dan Massameno joins JJ and Drew on Packet Protector to talk about the role...

Aug 12, 2025 • 43min
PP074: News Roundup – Microsoft Dumps Digital Escorts; Palo Alto Bundles Billions Aboard CyberArk
Packet Protector goes global for today’s security news roundup. Microsoft discontinues a program in which engineers in China supported the US Department of Defense’s cloud infrastructure (with the help of US ‘digital escorts’), Taiwanese chipmaker TSMC fires several employees over allegations of attempted theft of sensitive tech, an Arizona woman gets 8 years in prison...

Aug 5, 2025 • 40min
PP073: Identify Yourself: Authentication From SAML to FIDO2
From SAML to OAuth to FIDO2 to passwordless promises, we unpack what’s working—and what’s broken—in the world of identity and authentication. Today on the Packet Protector podcast, we’re joined by the always thoughtful and occasionally provocative Wolf Goerlich, former Duo advisor, and now a practicing CISO in the public sector. We also talk about authorization...

Jul 29, 2025 • 47min
PP072: Mobile Device Threat Management
Mobile devices blur the boundaries between personal and work devices and are packed with sensitive information, making them popular targets for malware, spyware, and data collection. On today’s Packet Protector we dig into strategies for managing threats to mobile devices with guest Akili Akridge. Akili started his career pulling burner phones off suspects as a...