Packet Protector
Packet Pushers
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, cloud security, pen testing and red/blue teaming, security hardware and software, and more. Whether security is your full-time job or one of your many responsibilities, Packet Protector is your go-to cybersecurity resource.
Episodes
Mentioned books
Apr 23, 2024 • 47min
PP011: IoT Protocols: Detection and Protection
IoT devices are often like the tiny aliens in the locker in Men in Black: They’ve created a whole little world on your network without almost any humans knowing they exist. Today Troy Martin joins the show to teach us the basics of how to find and secure IoT devices on your network, specifically focusing... Read more »
Apr 16, 2024 • 37min
PP010: CISA’s Cyber Incident Reporting Law: What You Need to Know
The US government is seeking comment on a new law mandating detailed cyber incident reporting. In this episode, we cover what you need to know about the “Cyber Incident Reporting for Critical Infrastructure Act.” We break down the details, including what kind of companies the law applies to, what it defines as an “incident,” and... Read more »
Apr 9, 2024 • 42min
PP009: Don’t Forget the Firmware
If your approach to firmware is that you don’t bother it as long as it doesn’t bother you, you might want to listen to this episode. Concerns about supply chain vulnerabilities are on the rise and for good reason: Attackers are targeting firmware because compromising this software can allow attackers to persist on systems after... Read more »
Apr 2, 2024 • 0sec
PP008: Dishin’ Up Cloud SLAW (Security Lab A Week)
Learning cloud security can be daunting for experienced network engineers, much less complete newbies. That’s why Rich Mogull started “Cloud Security Lab A Week,” aka Cloud SLAW. Every Thursday, he emails subscribers a new hands-on lab, building a full enterprise deployment week-by-week, step-by-step. Rich explains all the details to JJ and Drew including the cost... Read more »
Mar 26, 2024 • 53min
PP007: IPv6 Security Essentials
You’re already running IPv6, even if you don’t know it yet. Your remote users are using it at their homes, your printers come with it built into the kernel, your generals are using it on their mobile phones (check out our news headlines section). So let’s stop trying to disable it whack-a-mole style, and start... Read more »
Mar 19, 2024 • 49min
PP006: Effective Security for Small IT Shops
This episode is for IT professionals who work in small- to medium-sized businesses and are expected to handle cybersecurity on top of issues like “my camera isn’t working on Zoom.” Guest Joe Stern has been filling this role for an 80-person company for almost 30 years. We talk about how he prioritizes risks, security tools... Read more »
Mar 12, 2024 • 43min
PP005: Red, Blue, Purple: Choosing the Right Teams for Security Testing and Defense
According to Bryson Bort, you can build higher metaphorical fences, electrify them, and have sharks with laser beams prowling the moat, but attackers are still going to get through the security perimeter. That’s why the priority of any IT team should be to identify anomalies and anticipate attack logic. To do this, organizations need to... Read more »
Mar 5, 2024 • 49min
PP004: Exploiting Vulnerabilities, Not Customers: How to Pick Good Pen Testers
When you’re picking a penetration tester to poke at your security infrastructure, how do you know if you’re picking a good one? Is pen testing even the right service for your needs? Pen tester, SANS course creator, and OWASP board member Kevin Johnson joins the show to share tips for what to look for in... Read more »
Feb 27, 2024 • 54min
PP003: An Insider’s Look At Security Certs
What are the best cybersecurity certs to get? Do advancements in cloud and AI mean security professionals need to re-skill? How do certifying organizations decide what new courses to create? Chief Curriculum Director and Faculty Lead at the SANS Institute, Rob Lee, joins Jennifer “JJ” Minella and Drew Conry-Murray to give an insider’s view on... Read more »
Feb 20, 2024 • 37min
PP002: The Tricky Biz Of Secrets Management
Today we look at secrets management and privileged access management from the perspective of a network engineer. How do you and your team securely store sensitive data including passwords, SSH keys, API keys, and private certificate keys, while still being able to work nimbly? What Privileged Access Management (PAM) practices can help put guardrails in... Read more »
