Just what’s inside that commercial software you bought? Does it contain open-source components, NPM packages, or other third-party code? How could you find out? The answer is a Software Bill of Materials, or SBOM, a machine-readable inventory of a finished piece of software. Why should you care about SBOMs? Our guest, Natalie Somersall, is here... Read more »

Certificates are the socks of IT—everyone needs them, and you always lose track of a few. On today’s show we dive into the ACME protocol, an IETF standard to help automate how a domain owner gets a domain validation certificate from a Certificate Authority (CA). Our guest, Ed Harmoush, a former network engineer with AWS... Read more »

Did you know college students are snooping on satellite transmissions? On today’s news roundup we discuss new research in which university investigators use off-the-shelf equipment to intercept traffic from geostationary satellites and discover that a lot of it is unencrypted. We also dig into the credential hygiene lessons we can learn from a corpus of... Read more »

CVEs, or Common Vulnerabilities and Exposures, are such a routine aspect of tech that most IT pros probably take them for granted. But like many things we take for granted, the CVE process takes some serious organizational infrastructure to function. On today’s Packet Protector, sponsored by Cisco, we talk about the organizations and processes that... Read more »

Model Context Protocol (MCP) is an open-source protocol that enables AI agents to connect to data, tools, workflows, and other agents both within and outside of enterprise borders. As organizations dive head-first into AI projects, MCP and other agentic protocols are being quickly adopted. And that means security and network teams need to understand how... Read more »

Today we’re bringing back one of our favorite guests — Akili Akridge. He’s a former Baltimore cop who transitioned to building and leading mobile offense and defense teams for federal agencies and Fortune 100s. These days he’s a straight-talking expert on all things mobile security. We’re digging into mobile threats, why they keep CISOs up... Read more »

From a massive SIM farm takedown to dealing with supply chain attacks targeting npm, our news roundup provides context and commentary on a fresh crop of security news. We discuss exploits against Cisco firewalls and switches, a SonicWall firmware update to remove a rootkit targeting its SMA 100, and GitHub’s plans to harden npm packages.... Read more »

What does the risk environment for Operational Technology (OT) look like in 2025? JJ and Drew review four recent reports on the state of OT security from Dragos, Fortinet, and others. We discuss ransomware impacts, ongoing risks of RDP traffic, directly exposed OT devices, and overall attack trends and the tools and processes that organizations... Read more »

Microsegmentation is a complex topic. We did an overview episode earlier this year, and we invited listeners to reach out to keep the microsegmentation conversation going. Today’s guest did just that. Philip Griffiths is Head of Strategic Sales at Netfoundry. However, this isn’t a sponsored show about NetFoundry. Philip is also involved in a working... Read more »

You can build effective, scalable detection pipelines using free and open-source tools like Zeek, Suricata, YARA, and Security Onion. Today on Packet Protector we welcome Matt Gracie, Senior Engineer at Security Onion Solutions — the team behind the open-source platform used for detection engineering, network security monitoring, and log management. Matt has over 15 years... Read more »

Is any publicity good publicity? On today’s News Roundup we talk about how Salesloft, which makes the Drift chat agent that’s been used as a jumping-off point for credential harvesting and data breach attacks against a bunch of big-name companies, is testing that proposition. We also discuss bugs affecting industrial refrigeration controllers, and Microsoft making... Read more »

Our airwaves are alive with radio frequencies (RF). Right now billions of devices around the world are chattering invisibly over Wi-Fi, Bluetooth, Zigbee, and other protocols you might not have heard of. On today’s show we peer into the invisible world to better understand the RF threat environment. Our guest is Brett Walkenhorst, CTO of... Read more »

Microsoft is rethinking allowing endpoint security software to run in the Windows kernel (including third-party and Microsoft’s own endpoint security software). While there are benefits to running security software in the kernel, there are also serious downsides (see the CrowdStrike outage). Dan Massameno joins JJ and Drew on Packet Protector to talk about the role... Read more »

Packet Protector goes global for today’s security news roundup. Microsoft discontinues a program in which engineers in China supported the US Department of Defense’s cloud infrastructure (with the help of US ‘digital escorts’), Taiwanese chipmaker TSMC fires several employees over allegations of attempted theft of sensitive tech, an Arizona woman gets 8 years in prison... Read more »

From SAML to OAuth to FIDO2 to passwordless promises, we unpack what’s working—and what’s broken—in the world of identity and authentication. Today on the Packet Protector podcast, we’re joined by the always thoughtful and occasionally provocative Wolf Goerlich, former Duo advisor, and now a practicing CISO in the public sector. We also talk about authorization... Read more »

Mobile devices blur the boundaries between personal and work devices and are packed with sensitive information, making them popular targets for malware, spyware, and data collection. On today’s Packet Protector we dig into strategies for managing threats to mobile devices with guest Akili Akridge. Akili started his career pulling burner phones off suspects as a... Read more »

CyberRatings, a non-profit that performs independent testing of security products and services, has released the results of comparative tests it conducted on Secure Service Edge, or SSE, services. Tested vendors include Cisco, Cloudflare, Fortinet, Palo Alto Networks, Skyhigh Security, Versa Networks, and Zscaler. We look at what was tested and how, highlight results, and discuss... Read more »

There’s lots of juicy stories in our monthly security news roundup. The Scattered Spider hacking group makes effective use of social engineering to target MSPs, Microsoft pushes for better Windows resiliency by rethinking kernel access policies for third-party endpoint security software, and the US Justice Department files indictments against alleged operators of laptop farms that... Read more »

Quantum computing is here, and it’s being used for more than cracking encryption. On today’s Packet Protector we get a primer on quantum, how it differs from classical computing, its applications for difficult computing problems, why quantum will be the death of blockchain, and how to think about quantum risks. Our guest, Johna Johnson, is... Read more »

Today’s Packet Protector digs into risks and threats you might encounter in a Kubernetes environment, what to do about them, and why sometimes a paved path (or boring technology) is the smartest option. My guest is Natalie Somersall, Principal Solutions Engineer for the Public Sector at Chainguard. We talk about risks including identity and access... Read more »