Packet Protector
Packet Pushers
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Protector is your go-to cybersecurity resource.
Episodes
Mentioned books
May 7, 2024 • 43min
PP013: Untangling Managed Security Services
What’s the difference between cybersecurity “as a service” vs. “managed” vs. “hosted”? And what’s the difference between an MSP and an MSSP? In this episode, JJ helps untangle the terms and concepts in cybersecurity offerings. She explains what questions you should ask vendors to make sure you’re picking the right one for your needs; negotiating... Read more »
Apr 30, 2024 • 41min
PP012: Planning for a Post Quantum Cryptography World
The classical encryption algorithms that currently undergird our IT infrastructure will be broken once there’s a powerful and stable enough quantum computer to do the job. Quantum-resistant algorithms are being developed by NIST, but implementation and deployment of these algorithms still have to be addressed. So what does all this mean for busy IT and... Read more »
Apr 23, 2024 • 47min
PP011: IoT Protocols: Detection and Protection
IoT devices are often like the tiny aliens in the locker in Men in Black: They’ve created a whole little world on your network without almost any humans knowing they exist. Today Troy Martin joins the show to teach us the basics of how to find and secure IoT devices on your network, specifically focusing... Read more »
Apr 16, 2024 • 37min
PP010: CISA’s Cyber Incident Reporting Law: What You Need to Know
The US government is seeking comment on a new law mandating detailed cyber incident reporting. In this episode, we cover what you need to know about the “Cyber Incident Reporting for Critical Infrastructure Act.” We break down the details, including what kind of companies the law applies to, what it defines as an “incident,” and... Read more »
Apr 9, 2024 • 42min
PP009: Don’t Forget the Firmware
If your approach to firmware is that you don’t bother it as long as it doesn’t bother you, you might want to listen to this episode. Concerns about supply chain vulnerabilities are on the rise and for good reason: Attackers are targeting firmware because compromising this software can allow attackers to persist on systems after... Read more »
Apr 2, 2024 • 0sec
PP008: Dishin’ Up Cloud SLAW (Security Lab A Week)
Learning cloud security can be daunting for experienced network engineers, much less complete newbies. That’s why Rich Mogull started “Cloud Security Lab A Week,” aka Cloud SLAW. Every Thursday, he emails subscribers a new hands-on lab, building a full enterprise deployment week-by-week, step-by-step. Rich explains all the details to JJ and Drew including the cost... Read more »
Mar 26, 2024 • 53min
PP007: IPv6 Security Essentials
You’re already running IPv6, even if you don’t know it yet. Your remote users are using it at their homes, your printers come with it built into the kernel, your generals are using it on their mobile phones (check out our news headlines section). So let’s stop trying to disable it whack-a-mole style, and start... Read more »
Mar 19, 2024 • 49min
PP006: Effective Security for Small IT Shops
This episode is for IT professionals who work in small- to medium-sized businesses and are expected to handle cybersecurity on top of issues like “my camera isn’t working on Zoom.” Guest Joe Stern has been filling this role for an 80-person company for almost 30 years. We talk about how he prioritizes risks, security tools... Read more »
Mar 12, 2024 • 43min
PP005: Red, Blue, Purple: Choosing the Right Teams for Security Testing and Defense
According to Bryson Bort, you can build higher metaphorical fences, electrify them, and have sharks with laser beams prowling the moat, but attackers are still going to get through the security perimeter. That’s why the priority of any IT team should be to identify anomalies and anticipate attack logic. To do this, organizations need to... Read more »
Mar 5, 2024 • 49min
PP004: Exploiting Vulnerabilities, Not Customers: How to Pick Good Pen Testers
When you’re picking a penetration tester to poke at your security infrastructure, how do you know if you’re picking a good one? Is pen testing even the right service for your needs? Pen tester, SANS course creator, and OWASP board member Kevin Johnson joins the show to share tips for what to look for in... Read more »
