Packet Protector
Packet Pushers
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Protector is your go-to cybersecurity resource.
Episodes
Mentioned books
Jul 23, 2024 • 44min
PP023: Wi-Fi Security Part 1 – Unpacking Vulnerabilities and Exploits
From an SSID confusion exploit to a RADIUS attack to a critical vulnerability in a Windows Wi-Fi driver, the past several months have seen multiple attacks and exploits targeting the wireless realm. On today’s Packet Protector podcast we talk with Wi-Fi security expert Stephen Orr to get his take on the severity of these issues,... Read more »
Jul 9, 2024 • 47min
PP022: Inside an Equipment Test Lab
Third-party test labs can help buyers make decisions about which products to purchase. While a testing lab can’t mimic the conditions of your specific production environment, it can assess a product’s fundamental capabilities and measure throughput, performance, and–in the case of security devices–effectiveness against a test suite of malware or attack techniques. On today’s episode... Read more »
Jul 2, 2024 • 37min
PP021: Critical Vulnerabilities, AI-Assisted Scams, Compromised VPNs, and More Security News
It’s an all-news episode for this week’s Packet Protector podcast. We cover critical vulnerabilities in the MOVEit file transfer software and in thousands of ASUS routers, and a remote code execution vulnerability in a Windows wireless driver that you really should patch. We discuss a Wall Street Journal article about how AI tools are helping... Read more »
Jun 25, 2024 • 35min
PP020: Dropping the SBOM: The Software Bill of Materials and Risk Management
If you care about nutrition, you check the ingredients of your food. If you care about your IT infrastructure, you check the Software Bill of Materials (SBOM) of the tech. At least that’s the future that Thomas Pace hopes for. Right now, SBOMs aren’t super common and software transparency is very low. Thomas walks us... Read more »
Jun 18, 2024 • 0sec
PP019: The God Accounts: Cloud IAM
Today we discuss how to secure your all-powerful root accounts on the three major public cloud providers: AWS, Azure, and GCP. Our guests today, Ned Bellavance and Kyler Middleton from the Day Two Cloud podcast (soon to be Day Two DevOps podcast), describe the struggle of securely managing several root accounts at once. They take... Read more »
Jun 11, 2024 • 39min
PP018: RSA Recap, Including a View from the Event SOC
Drew and JJ have recovered from the overstimulation of the RSA expo floor and are ready to discuss their takeaways from the conference. They discuss the surprising emphasis on microsegmentation and storage backups, and the not-so-surprising focus on IoT security and AI-assisted products. They also pull back the curtain on what the conference’s own SOC... Read more »
Jun 4, 2024 • 0sec
PP017: What’s the Matter? Understanding the Matter Protocol
Matter is an IoT protocol that has security and interoperability baked into it. Steve Hanna, the chair of the Product Security Working Group in the Connectivity Standards Alliance, joins the show today to walk us through this IP-based protocol for smart home devices. He compares Matter to an armored car, delivering a valuable payload securely... Read more »
May 28, 2024 • 0sec
PP016: Tabletop Security Exercises: D&D for Grown-ups
Tabletop security exercises can help organizations game out their response to a security incident. From the technical and business considerations to legal and PR implications, a tabletop exercise, like Dungeons and Dragons, lets you play-test attack and defense scenarios. Johna Till Johnson, CEO of Nemertes consulting firm and co-host of the Heavy Strategy podcast, joins... Read more »
May 21, 2024 • 42min
PP015: Zero Trust Architecture: Because You Can’t Trust Anybody Any More
Zero trust is a buzzword, but what does it actually mean and how will it impact network engineers? Jennifer is here to get us up to speed. First, she gives a general description: It’s a security architectural strategy that’s progressing toward increased observability and trust inferences. Then she breaks it down for the three main... Read more »
May 14, 2024 • 33min
PP014: Good Threat Hunting
Have you ever noticed “threat hunting” in vendor products and wondered exactly what it means? James Williams is here to explain: Threat hunting is the R&D of detection engineering. A threat hunter imagines what an attacker might try and, critically, how that behavior would show up in the logs of a particular environment. Then the... Read more »
