Packet Protector

Packet Pushers
Nov 25, 2025 • 45min

PP088: How Fortinet Delivers Web App Security in the AI Era (Sponsored)

Web applications have always been tricky to protect. They’re meant to be accessible over the Internet, which exposes them to malicious actors, they’re designed to take end-user inputs, which can be manipulated for malicious purposes, and they often handle sensitive data. Then the rise of public cloud and microservices architectures added new layers of complexity...
Nov 18, 2025 • 46min

PP087: Why SBOMs Are Cooler and More Useful Than You Think

Just what’s inside that commercial software you bought? Does it contain open-source components, NPM packages, or other third-party code? How could you find out? The answer is a Software Bill of Materials, or SBOM, a machine-readable inventory of a finished piece of software. Why should you care about SBOMs? Our guest, Natalie Somersall, is here...
Nov 11, 2025 • 45min

PP086: Using Let’s Encrypt and the ACME Protocol for Domain Validation Certificates

Certificates are the socks of IT—everyone needs them, and you always lose track of a few. On today’s show we dive into the ACME protocol, an IETF standard to help automate how a domain owner gets a domain validation certificate from a Certificate Authority (CA). Our guest, Ed Harmoush, a former network engineer with AWS...
Nov 5, 2025 • 52min

PP085: News Roundup – Naked Satellite Signals, Account Recovery Buddies, Busting Ghost Networks

Did you know college students are snooping on satellite transmissions? On today’s news roundup we discuss new research in which university investigators use off-the-shelf equipment to intercept traffic from geostationary satellites and discover that a lot of it is unencrypted. We also dig into the credential hygiene lessons we can learn from a corpus of...
Oct 30, 2025 • 45min

PP084: Inside the CVE Process With Cisco (Sponsored)

Osman Hashmi, a Principal Engineer at Cisco, Joe Malcolm, the CISO for Infrastructure Engineering, and Marco Cassini, an Incident Manager at Cisco's PSIRT, dive into the complexities of the CVE process. They discuss how key organizations like MITRE and NVD contribute to CVE management, explore the role of NVD in scoring vulnerabilities, and unpack the importance of Cisco’s CNA role. Additionally, they touch on responsible disclosure practices, the impact of customer collaboration on validation, and how AI is being integrated into security workflows.
Oct 21, 2025 • 44min

PP083: A CISO’s Perspective on Model Context Protocol (MCP)

Model Context Protocol (MCP) is an open-source protocol that enables AI agents to connect to data, tools, workflows, and other agents both within and outside of enterprise borders. As organizations dive head-first into AI projects, MCP and other agentic protocols are being quickly adopted. And that means security and network teams need to understand how...
Oct 14, 2025 • 1h 2min

PP082: Building a Workable Mobile Security Strategy In a World of Risky Apps

Today we’re bringing back one of our favorite guests — Akili Akridge. He’s a former Baltimore cop who transitioned to building and leading mobile offense and defense teams for federal agencies and Fortune 100s. These days he’s a straight-talking expert on all things mobile security. We’re digging into mobile threats, why they keep CISOs up...
Oct 7, 2025 • 48min

PP081: News Roundup – BRICKstorm Backdoor Targets Network Appliances, GitHub Unveils Supply Chain Defense Plans

From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages....
Sep 30, 2025 • 45min

PP080: The State of OT Risks in 2025 (and What to Do About Them)

What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations...
Sep 23, 2025 • 58min

PP079: Rethinking the Architecture of Microsegmentation

Philip Griffiths, Head of Strategic Sales at NetFoundry and a prominent voice in Cloud Security Alliance, dives deep into the intricacies of microsegmentation. He defines it as isolating workloads for enhanced security and links it to Zero Trust principles like continuous authentication and identity enforcement. Philip discusses the importance of starting with protect surfaces for implementing microsegmentation effectively. He also explores the potential of eBPF for real-time visibility and shares visions of identity-embedded applications for the future.
