Episode 63: Jack Chan, VP of Product and Field CTO at Fortinet
Why NDR is Evolving—And What Enterprises Should Demand From ItIn this episode of the @Endace Packet Forensic Files, Michael Morris is joined by Jack Chan, VP of Product and Field CTO at Fortinet, to unpack what makes a truly effective Network Detection and Response (NDR) solution. Jack shares his perspective on why visibility, historical context, and deep threat hunting capabilities matter more than flashy features.They explore how AI and machine learning are transforming NDR—helping detect threats in encrypted traffic and reduce alert fatigue for SOC teams. Jack also talks about integrating NDR with firewalls and EDR tools to improve response decisions and streamline investigations.Finally, Jack leaves us with a powerful reminder: security starts with people. From secure coding to user awareness, the human element is often the weakest link—and the best place to strengthen your defences.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a 'single-pane-of-glass'.Endace’s open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-prem locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.
--------
25:21
--------
25:21
Episode 62: Jessica (Bair) Oppenheimer, Cisco's Director of Security Operations
What does it take to run a world-class Security Operations Center (SOC) in today’s high-stakes, high-speed cybersecurity landscape?In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Jessica (Bair) Oppenheimer, Cisco's Director of Security Operations, for an in-depth look at next-generation Security Operations Centers (SOCs). Jessica shares her expertise from securing high-stakes events like the Paris 2024 Olympics, NFL Super Bowl, Black Hat, and RSAC Conference. Discover how her team leverages AI, full packet capture with EndaceProbes, and integrations with Cisco XDR and Splunk to combat AI-driven threats and ensure rapid detection and response. This episode is a must-listen for cybersecurity professionals who want to stay ahead of evolving threats. It is packed with insights on balancing automation with human expertise and key KPIs for SOC success.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a single pane-of-glass.Endace’s open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-premise locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.
--------
27:37
--------
27:37
Episode 61: Jean-Pierre Bergeaux - Federal CTO, GuidePoint Security
In this episode of the @Endace Packet Forensics Files, I talk to Jean-Paul Bergeaux, Federal CTO at GuidePoint Security. We unravel the complex world of federal cybersecurity and discuss the critical importance of certifications, the game-changing M-21-31 directives, and how packet capture data is revolutionizing threat detection. We also uncover the potential risks and opportunities presented by generative AI in the cybersecurity landscape. From SolarWinds lessons to the emerging generative AI challenge, Jean-Paul provides unprecedented insights into how government agencies fight to stay ahead of sophisticated cyber threats. This episode offers a must-watch deep dive into the frontlines of digital defense.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks. EndaceProbe models are available for on-premise, private cloud and public cloud deployments - delivering complete hybrid cloud visibility from a 'single-pane-of-glass'.Endace’s open EndaceProbe Analytics appliances (https://www.endace.com/endaceprobe) can be deployed in on-prem locations and can also host third-party security and performance monitoring solutions while simultaneously recording a 100% accurate history of network activity.
--------
22:42
--------
22:42
Episode 60: James Spiteri - Director of Product Management for Security Analytics at Elastic
How Generative AI and Machine Learning are Revolutionizing CybersecurityIn this episode of the Endace Packet Forensic Files, Michael Morris explores how advanced technologies like AI and machine learning are transforming security operations with James Spiteri. With extensive experience in cybersecurity and security operations, including leading SOC teams and developing innovative solutions for AI and machine learning, James offers unparalleled insights.He delves into the growing sophistication of nation-state threats, the critical role of SIEM tools, and how AI-driven insights are enabling faster, smarter threat detection by prioritizing critical alerts, automating mundane tasks, analyzing complex data patterns, and operationalizing unstructured threat intelligence in real-time.Don’t miss this insightful episode, where James shares expert tips on leveraging cutting-edge technology to strengthen your cybersecurity defenses and stay ahead of evolving threats.ABOUT ENDACE*****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance.For more than two decades, Endace has revolutionized enterprise-class, always-on packet capture. The scalable EndaceProbe Analytics Platform (https://www.endace.com/endaceprobe) delivers deep, unified visibility across on-premise, private, and public cloud networks. Get to forensic evidence quickly, with rapid search and powerful tool integration. Protect your network and accelerate investigation and response with Endace.
--------
31:41
--------
31:41
Episode 59: Matt Bromiley - SANS Author and Instructor | Veteran Threat Hunting Expert
Unlock the Power of Network Packet Data in CybersecurityIn this episode of the Endace Packet Forensics Files, Michael Morris dives into the critical role of network packet data in cybersecurity with Matt Bromiley, a seasoned threat-hunting expert. Matt shares why robust detection systems and proactive threat hunting are essential, and how network data serves as the “glue” that ties together evidence in cybersecurity investigations.The challenges of managing large data volumes, the growing role of AI in threat detection, and the tools needed to stay ahead of emerging threats are explored. Matt provides practical steps to seamlessly integrate packet capture into a threat-hunting toolkit, enabling teams to uncover and respond to even the most elusive threats.Matt emphasizes the importance of implementing a comprehensive packet capture strategy and using advanced tools, including AI, to manage data and enhance detection. He also stresses the need for continuous team training to effectively interpret data and respond to real-time threats, strengthening your defense against complex threats.Don’t miss this insightful episode, where Matt shares expert tips on optimizing threat hunting and leveraging packet capture to strengthen your cybersecurity defenses.
About Secure Networks: Endace Packet Forensics Files
"Secure Networks: Endace Packet Forensics Files" features interviews with leading cybersecurity and networking experts from companies such as Cisco, Darktrace, Palo Alto Networks, and others. It focuses on the issues that Security, Network Operations and DevOps teams face in securing and managing their networks and applications and provides insights into best practices and future developments.
New Zealand