"Secure Networks: Endace Packet Forensics Files" features interviews with leading cybersecurity and networking experts from companies such as Cisco, Darktrace, ...
Episode 60: James Spiteri - Director of Product Management for Security Analytics at Elastic
How Generative AI and Machine Learning are Revolutionizing CybersecurityIn this episode of the Endace Packet Forensic Files, Michael Morris explores how advanced technologies like AI and machine learning are transforming security operations with James Spiteri. With extensive experience in cybersecurity and security operations, including leading SOC teams and developing innovative solutions for AI and machine learning, James offers unparalleled insights.He delves into the growing sophistication of nation-state threats, the critical role of SIEM tools, and how AI-driven insights are enabling faster, smarter threat detection by prioritizing critical alerts, automating mundane tasks, analyzing complex data patterns, and operationalizing unstructured threat intelligence in real-time.Don’t miss this insightful episode, where James shares expert tips on leveraging cutting-edge technology to strengthen your cybersecurity defenses and stay ahead of evolving threats.ABOUT ENDACE*****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance.For more than two decades, Endace has revolutionized enterprise-class, always-on packet capture. The scalable EndaceProbe Analytics Platform (https://www.endace.com/endaceprobe) delivers deep, unified visibility across on-premise, private, and public cloud networks. Get to forensic evidence quickly, with rapid search and powerful tool integration. Protect your network and accelerate investigation and response with Endace.
--------
31:41
Episode 59: Matt Bromiley - SANS Author and Instructor | Veteran Threat Hunting Expert
Unlock the Power of Network Packet Data in CybersecurityIn this episode of the Endace Packet Forensics Files, Michael Morris dives into the critical role of network packet data in cybersecurity with Matt Bromiley, a seasoned threat-hunting expert. Matt shares why robust detection systems and proactive threat hunting are essential, and how network data serves as the “glue” that ties together evidence in cybersecurity investigations.The challenges of managing large data volumes, the growing role of AI in threat detection, and the tools needed to stay ahead of emerging threats are explored. Matt provides practical steps to seamlessly integrate packet capture into a threat-hunting toolkit, enabling teams to uncover and respond to even the most elusive threats.Matt emphasizes the importance of implementing a comprehensive packet capture strategy and using advanced tools, including AI, to manage data and enhance detection. He also stresses the need for continuous team training to effectively interpret data and respond to real-time threats, strengthening your defense against complex threats.Don’t miss this insightful episode, where Matt shares expert tips on optimizing threat hunting and leveraging packet capture to strengthen your cybersecurity defenses.
--------
38:59
Episode 57: Ryan Chapman - SANS Author and Instructor | Veteran DFIR Expert
Ransomware has shifted from simple, isolated attacks to coordinated, human-operated campaigns that target entire organizations. In this episode of the Endace Packet Forensics Files, Michael Morris talks with Ryan Chapman, SANS Instructor and expert in Digital Forensic and Incident Response (DFIR) about these evolving threats. Ryan explains how attackers are becoming more methodical and sophisticated, focusing on disabling EDR/XDR solutions to evade detection and leaving organizations vulnerable to advanced attacks. One of the key challenges Ryan highlights is visibility. Without robust logging, packet capture, and monitoring tools, it’s nearly impossible to understand how an attack happened fully. Even encrypted traffic can reveal critical patterns if analyzed properly. Ryan shares examples of organizations that suffered reinfections because they rushed to restore systems without identifying the original entry point. Packet capture data plays a vital role in pinpointing when and how attackers infiltrated, ensuring a safe recovery and minimizing disruption. As ransomware tactics evolve, adopting a Zero-Trust approach is essential. Ryan discusses how limiting permissions and avoiding overly trusting software configurations can help prevent breaches. He cites the Kaseya attack, where some organizations avoided compromise by not blindly whitelisting trusted directories. As attackers increasingly use legitimate tools, verifying all network activity and following least privilege principles are critical defenses. Don’t miss this insightful episode, where Ryan provides actionable advice for preparing your organization against today’s ransomware threats.
In this episode, I chat with Taran Singh, VP of Product Management at Keysight Technologies, about network observability. Taran explains its importance within the zero-trust architecture and discusses the challenges organizations face in achieving clear network visibility. He highlights the role of historical data analysis in cybersecurity and outlines Keysight's approach to network visibility. Don’t miss this insightful discussion on network observability and its significance in modern cybersecurity. Follow Taran here on LinkedIn - https://www.linkedin.com/in/taransingh/
--------
17:59
Episode 54: Jake Williams - IANS faculty member, former SANS educator, computer science and information security expert and U.S. Army veteran.
In this episode of the Endace Packet Forensics Files, Michael chats with Jake Williams, aka @MalwareJake who delves into the concept of Zero Trust and its significance for organizations seeking to bolster their security defences.Discover how Zero Trust challenges traditional security models and learn about the crucial role of continuous verification and network visibility in mitigating threats. Gain valuable insights into networking fundamentals and the integration of cybersecurity principles from an industry veteran.Don't miss out on this opportunity to enhance your cybersecurity knowledge and stay ahead of evolving threats.
About Secure Networks: Endace Packet Forensics Files
"Secure Networks: Endace Packet Forensics Files" features interviews with leading cybersecurity and networking experts from companies such as Cisco, Darktrace, Palo Alto Networks, and others. It focuses on the issues that Security, Network Operations and DevOps teams face in securing and managing their networks and applications and provides insights into best practices and future developments.
![Podcast Tech Life](https://nz.radio.net/podcast-images/175/techtent.jpeg?version="c5e89b459a73875e73b78f17158420e1")
New Zealand