PLAY PODCASTS
Packet Protector

Packet Protector

116 episodes — Page 3 of 3

Ep 15PP015: Zero Trust Architecture: Because You Can’t Trust Anybody Any More

Zero trust is a buzzword, but what does it actually mean and how will it impact network engineers? Jennifer is here to get us up to speed. First, she gives a general description: It’s a security architectural strategy that’s progressing toward increased observability and trust inferences. Then she breaks it down for the three main... Read more »

May 21, 202442 min

Ep 14PP014: Good Threat Hunting

Have you ever noticed “threat hunting” in vendor products and wondered exactly what it means? James Williams is here to explain: Threat hunting is the R&D of detection engineering. A threat hunter imagines what an attacker might try and, critically, how that behavior would show up in the logs of a particular environment. Then the... Read more »

May 14, 202433 min

Ep 13PP013: Untangling Managed Security Services

What’s the difference between cybersecurity “as a service” vs. “managed” vs. “hosted”? And what’s the difference between an MSP and an MSSP? In this episode, JJ helps untangle the terms and concepts in cybersecurity offerings. She explains what questions you should ask vendors to make sure you’re picking the right one for your needs; negotiating... Read more »

May 7, 202442 min

Ep 12PP012: Planning for a Post Quantum Cryptography World

The classical encryption algorithms that currently undergird our IT infrastructure will be broken once there’s a powerful and stable enough quantum computer to do the job. Quantum-resistant algorithms are being developed by NIST, but implementation and deployment of these algorithms still have to be addressed. So what does all this mean for busy IT and... Read more »

Apr 30, 202440 min

Ep 1PP011: IoT Protocols: Detection and Protection

IoT devices are often like the tiny aliens in the locker in Men in Black: They’ve created a whole little world on your network without almost any humans knowing they exist. Today Troy Martin joins the show to teach us the basics of how to find and secure IoT devices on your network, specifically focusing... Read more »

Apr 23, 202446 min

Ep 10PP010: CISA’s Cyber Incident Reporting Law: What You Need to Know

The US government is seeking comment on a new law mandating detailed cyber incident reporting. In this episode, we cover what you need to know about the “Cyber Incident Reporting for Critical Infrastructure Act.” We break down the details, including what kind of companies the law applies to, what it defines as an “incident,” and... Read more »

Apr 16, 202437 min

Ep 9PP009: Don’t Forget the Firmware

If your approach to firmware is that you don’t bother it as long as it doesn’t bother you, you might want to listen to this episode. Concerns about supply chain vulnerabilities are on the rise and for good reason: Attackers are targeting firmware because compromising this software can allow attackers to persist on systems after... Read more »

Apr 9, 202441 min

Ep 8PP008: Dishin’ Up Cloud SLAW (Security Lab A Week)

Learning cloud security can be daunting for experienced network engineers, much less complete newbies. That’s why Rich Mogull started “Cloud Security Lab A Week,” aka Cloud SLAW. Every Thursday, he emails subscribers a new hands-on lab, building a full enterprise deployment week-by-week, step-by-step. Rich explains all the details to JJ and Drew including the cost... Read more »

Apr 2, 2024

Ep 7PP007: IPv6 Security Essentials

You’re already running IPv6, even if you don’t know it yet. Your remote users are using it at their homes, your printers come with it built into the kernel, your generals are using it on their mobile phones (check out our news headlines section). So let’s stop trying to disable it whack-a-mole style, and start... Read more »

Mar 26, 202453 min

Ep 6PP006: Effective Security for Small IT Shops

This episode is for IT professionals who work in small- to medium-sized businesses and are expected to handle cybersecurity on top of issues like “my camera isn’t working on Zoom.” Guest Joe Stern has been filling this role for an 80-person company for almost 30 years. We talk about how he prioritizes risks, security tools... Read more »

Mar 19, 202449 min

Ep 5PP005: Red, Blue, Purple: Choosing the Right Teams for Security Testing and Defense

According to Bryson Bort, you can build higher metaphorical fences, electrify them, and have sharks with laser beams prowling the moat, but attackers are still going to get through the security perimeter. That’s why the priority of any IT team should be to identify anomalies and anticipate attack logic. To do this, organizations need to... Read more »

Mar 12, 202443 min

Ep 4PP004: Exploiting Vulnerabilities, Not Customers: How to Pick Good Pen Testers

When you’re picking a penetration tester to poke at your security infrastructure, how do you know if you’re picking a good one? Is pen testing even the right service for your needs? Pen tester, SANS course creator, and OWASP board member Kevin Johnson joins the show to share tips for what to look for in... Read more »

Mar 5, 202449 min

Ep 3PP003: An Insider’s Look At Security Certs

What are the best cybersecurity certs to get? Do advancements in cloud and AI mean security professionals need to re-skill? How do certifying organizations decide what new courses to create? Chief Curriculum Director and Faculty Lead at the SANS Institute, Rob Lee, joins Jennifer “JJ” Minella and Drew Conry-Murray to give an insider’s view on... Read more »

Feb 27, 202454 min

Ep 2PP002: The Tricky Biz Of Secrets Management

Today we look at secrets management and privileged access management from the perspective of a network engineer. How do you and your team securely store sensitive data including passwords, SSH keys, API keys, and private certificate keys, while still being able to work nimbly? What Privileged Access Management (PAM) practices can help put guardrails in... Read more »

Feb 20, 202436 min

Ep 1PP001: WPA3: Everything You Wanted To Know But Were Afraid To Ask

It’s time to make the switch from WPA2 to WPA3. We cover how to do it and what migration challenges to be prepared for no matter what WLAN you are dealing with (open, passphrase, or 802.1x) . We also discuss what features make WPA3 an improvement over WPA2, particularly the replacement of PSK with SAE.... Read more »

Feb 13, 202431 min

Join Us For Packet Protector, A New Cybersecurity Podcast

Hi, I’m Jennifer Minella and I’m excited to finally share with you all that I’ll be co-hosting a new podcast on the Packet Pushers network. It’s called Pocket Protector, a podcast exploring the intersection of networking and security. Each week, we’re drilling into topics, from wired and wireless network security to access control and zero... Read more »

Feb 2, 20240 min