Threat Vector by Palo Alto Networks

What happens when you're face-to-face with a ransomware gang demanding millions—and every decision could determine whether your company survives? Jeremy D. Brown, Consulting Director at Palo Alto Networks Unit 42 with nearly seven years negotiating with cyber criminals, reveals the hidden world of ransomware negotiations. With hundreds of negotiations under his belt, Jeremy knows which groups honor their promises, which ones to never pay, and exactly what mistakes can cost you everything. You'll learn: - Why contacting a threat actor doesn't mean you have to pay (the #1 misconception that paralyzes victims) - How to extract critical forensic intelligence from attackers during initial contact - The fatal mistakes organizations make that destroy their negotiation leverage - Which ransomware groups are sanctioned entities that will land you in legal trouble if you pay - Why being polite to criminals actually gets you better outcomes than hostility Jeremy has negotiated with everyone from aggressive groups who email your executives to methodical operators following strict playbooks. He's seen organizations with backups walk away and others pay millions for decryption keys. Managing over 100 incidents, Jeremy has tracked how double extortion evolved from rare to standard practice, and now watches single extortion (data theft without encryption) surge again. This episode is essential for CISOs who need a negotiation plan before the crisis hits, incident responders building their skillset, and executives who must understand that ransomware response is about far more than just paying or not paying. #IncidentResponse #Ransomware Related Episodes: - Mastering the Basics: Cyber Hygiene and Risk Management - Crisis in the Kitchen About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this episode of Threat Vector, host David Moulton speaks with LeeAnne Pelzer, Senior Consulting Director, and Brandon Hogle, Consulting Director, both with Palo Alto Networks Unit 42. Together, they explore how organizations can move from Zero Trust theory to practice.Zero Trust is the foundation of modern cybersecurity, but turning principles into measurable outcomes remains a challenge for many enterprises. Pelzer and Hogle share how Unit 42’s Zero Trust Advisory helps organizations assess their cybersecurity maturity, identify visibility gaps, and create tailored roadmaps that connect security architecture with business outcomes.The conversation dives into the common pitfalls that derail Zero Trust, including visibility gaps, operational complexity, and misalignment, and explores how to overcome them with clarity, collaboration, and continuous verification. For security leaders driving transformation, this episode offers a pragmatic look at how to cut through complexity and make Zero Trust achievable. About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

Unit 42 is tracking more than 60 active hacktivist groups and Iran-linked threat actors right now. What are they actually doing, what should you believe, and what should you do about it? In this episode of Threat Vector, David Moulton sits down with Justin Moore, Senior Manager of Threat Intelligence Research at Unit 42, and Andy Piazza, Senior Director of Threat Intelligence at Unit 42, to walk through the Unit 42 Iran Threat Brief and what the observed activity means for defenders. You'll learn: - What Unit 42 is actually observing from groups like Handala Hack, FAD Team, and Dark Storm, and what claims remain unverified - Why Iran's reduced internet connectivity changes the threat picture in ways that aren't obvious - What dispersed operators and proxy groups mean for organizations far outside the Middle East - Which defensive actions matter most against the TTPs and IOCs Unit 42 has documented - How to handle hacktivist claims that may be exaggerated or false Justin Moore brings nine years of intelligence officer experience plus senior threat intel roles at Mandiant, Google, and TikTok before joining Unit 42. Andy Piazza has more than 20 years in security operations and threat intelligence, including leading IBM X-Force's global threat intel team. Read the threat brief from Unit 42:  - Escalation of Cyber Risk Related to Iran (March 2026) - Escalation of Cyber Risk Related to Iran (June 2025) This episode is essential listening if you're: a CISO assessing current exposure, a threat analyst tracking Iran-linked groups, or a security leader who needs to explain the actual observed risk to your board. Related Episodes: - Inside the Mind of State-Sponsored Cyberattackers - Frenemies With Benefits - From Policy to Cyber Interference #Cybersecurity #ThreatIntelligence About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

North Korea has turned your hiring pipeline into a revenue machine. And most organizations have no idea. Evan Gordenker, Director of AI Security and DPRK Operations at Unit 42, has led more than 160 investigations into sophisticated threat actors, including the North Korean IT worker networks quietly embedded inside global companies. He joins David Moulton to unpack how this operation actually works, why common assumptions about remote work leave organizations exposed, and what security and HR teams can do to detect and disrupt it. You'll learn: - How DPRK operatives use deepfakes, fabricated identities, and real accomplice networks to pass interviews and land jobs at global companies - Why "we don't hire remote" is a dangerous assumption that no longer holds - What signals HR and SOC teams should look for, before and after someone is hired - How the threat has evolved from quiet wage theft to active extortion of former employers - What government collaboration and cross-border intelligence sharing can realistically accomplish Evan contributed to the UN Sanctions Monitoring Team report on North Korean operations and brings a rare combination of technical depth and geopolitical fluency to this problem. Having lived and worked across the US, EU, and Japan, he brings cultural context that matters when investigating a threat with global reach. His investigations have produced some of the most detailed profiles of DPRK operators in the security community. This episode is essential listening if you're: a security leader building out your insider threat program, an HR or talent acquisition leader who hasn't yet connected with your security team, or a threat intelligence analyst tracking how nation-state programs fund themselves. Related Episodes: - From Code to Compromise — Covers North Korean threat actors using fake job interviews to target developers via malicious IDE extensions. A strong companion to this episode's look at the broader IT worker scheme. -Inside the Mind of State-Sponsored Cyberattackers — A deeper look at how nation-state operations are structured and why they're so hard to disrupt. #NationStateThreat #InsiderRisk About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

Your security budget is funding the wrong defenses. Steve Elovitz leads Unit 42's North America consulting and incident response practice, where his team helps prevent, and ultimately answers the call when organizations face their worst day. After analyzing 750+ major breaches in a single year, he's seen exactly which security investments save companies and which ones fail when attackers strike. The data is uncomfortable: 90% of breaches succeed not because attackers are sophisticated, but because of misconfigurations or gaps in security coverage. You'll discover: - Why your detection window just shrunk to 1.2 hours (and what autonomous containment actually means when every minute counts) - The single identity control that separated organizations recovering in days from those shut down for weeks—with the same attacker, same techniques, different outcome - How to stop wasting money on tools that can't see the SaaS integrations and OAuth tokens attackers are already exploiting in your environment - Which gaps in your security posture are preventable right now, before they become next quarter's incident response bill - The defensive investment that delivers ROI in real breach scenarios, not just compliance checkboxes With 15+ years leading incident response teams at Mandiant, PriceWaterhouseCoopers, and Booz Allen Hamilton, Steve has helped security teams make critical decisions under pressure when ransomware is encrypting, data is walking out the door, and the board is demanding answers. He knows which controls actually stop sophisticated threat actors and which ones just look good in budget presentations. This episode is essential listening if you: - Need to defend your security roadmap with evidence from actual breach investigations, not vendor promises - Want to understand why identity keeps appearing in every postmortem and what to do about it before you're the case study - Are tired of "best practices" that don't map to how attackers actually succeed against real organizations Related Episodes: - Muddled Libra: From Spraying to Preying in 2025 - Learn which conditional access policies actually stopped the threat actor Unit 42 calls their toughest fight - Transform Your SOC and Get Ahead of the Threats - Discover how organizations build SOCs that partner effectively with IR teams instead of slowing down containment - Inside Jingle Thief: Cloud Fraud Unwrapped - Understand why your MFA deployment isn't protecting you from identity compromise the way you think it is #IncidentResponse If you think you may have been compromised or have an urgent matter, please contact Unit 42 Incident Response team or call North America Toll-Free: 866.486.4842 (866.4.UNIT42), EMEA: +31.20.299.3130, UK: +44.20.3743.3660, APAC: +65.6983.8730, or Japan: +81.50.1790.0200. About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

Security that slows people down is security that gets bypassed. Birat Niraula leads security for Google Enterprise Network, where he oversees protection across on-premise, network infrastructure, enterprise, and cloud environments. In this episode of Threat Vector, host David Moulton explores a critical truth that most security leaders miss: the difference between friction that protects and friction that creates risk. You'll learn: - Why bad security UX isn't just annoying—it's a vulnerability that creates backdoors - How to identify friction that protects (like MFA and jump hosts) versus friction that makes teams bypass controls - Why DevOps teams inject backdoors into production when security slows them down too much - How AI is becoming the new cloud rush—teams deploying models without understanding security risks - The Chrome browser principle: best security is seamless security that users don't have to think about - Why embedding security teams in design processes beats the "sledgehammer approach" of blanket policies - How to use AI agents as security sidekicks to scale beyond what your team can manually review Birat shares hard-won lessons from securing enterprises at massive scale—from building 24/7 SOCs to leading multi-cloud architecture at Goldman Sachs to now protecting Google's infrastructure. But this conversation isn't about his resume. It's about the fundamental tradeoffs security leaders face: velocity versus protection, automation versus human judgment, and when to embrace friction versus when friction becomes the enemy. This episode is essential listening if you're: leading enterprise security programs, struggling with teams that route around your controls, managing DevOps or cloud security, implementing security that doesn't block business velocity, or trying to understand where AI security is heading. Related Episodes: - Securing the Modern Workforce - Why Security Platformization Is the Future of Cyber Resilience - Shifting Security Left #Cloud #SecurityUX #DevSecOps

What separates organizations that truly excel at cybersecurity from those that just spend money on it? In this episode of Threat Vector, host David Moulton sits down with Isaias Telhado, Senior Cybersecurity Customer Success Engineer at Palo Alto Networks, to explore what cybersecurity success actually looks like. With over 25 years in IT and security leadership across Nestlé, Zscaler, and now Palo Alto Networks, Isaiah has seen firsthand what transforms organizations from vulnerable and reactive to confident and resilient. You'll learn: - Why the "castle and moat" security model creates massive blind spots that leave you vulnerable from the inside - The museum analogy that finally makes Zero Trust architecture click - How AI is shifting security teams from reactive firefighting to strategic threat forecasting - What "crypto agility" means and why quantum readiness matters today, not tomorrow - The cultural shifts that separate mature security programs from expensive tool collections Isaias shares a powerful case study of a major financial institution that transformed from a devastating data breach caused by misconfiguration to a proactive, cloud-native security posture. The outcome? Incidents dropped dramatically, and the security team's confidence soared—proving security can be a business driver, not a blocker. Beyond technology, Isaiah reveals why collaboration across IT, legal, operations, and business leadership is essential—and why the best security awareness programs are bidirectional, not just pushing policies onto users. With insights on breaking down silos, measuring what matters, and avoiding common pitfalls that slow security maturity even in well-funded organizations, this conversation delivers practical wisdom for security leaders at any stage of their journey. This episode is essential listening if you're: implementing Zero Trust architecture, managing cloud migration while maintaining security, breaking down organizational silos between security and business units, struggling to prove ROI on security investments, or preparing your organization for AI-powered threats and quantum computing risks. Related Episodes: - Why Security Platformization Is the Future of Cyber Resilience - Securing the Modern Workforce - Unlocking Cybersecurity ROI with Platformization #ZeroTrust #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

Can you trust your AI systems with your business, or are they just another attack surface waiting to be exploited? Aaron Isaksen leads AI Research and Engineering at Palo Alto Networks, where he advances state-of-the-art AI in cybersecurity. In this episode of Threat Vector, host ⁠David Moulton⁠ sits down with ⁠Dr. Aaron Isaksen⁠ to explore why engineering excellence must precede ethical AI debates, how adversarial AI is reshaping cybersecurity, and what it actually takes to build AI systems resilient enough to operate in hostile environments. You'll learn: Why well-engineered AI must be the prerequisite before discussing AI ethics How prompt injection attacks are becoming the "SQL injection of the AI era," and why they may never be fully solved What defending the Black Hat USA NOC with AI-powered security taught about real-world AI resilience How machine learning transforms attack surface management from manual inventory chaos to automated risk reduction Why game development experience creates better cybersecurity AI researchers (and what curiosity has to do with it) Before Palo Alto Networks, Aaron spent 15+ years building products across wildly different domains. From co-founding mobile gaming companies and funding independent game developers through Indie Fund, to leading ML engineering at ASAPP where his teams prototyped state-of-the-art neural networks for NLP. With a PhD from NYU (automated software design), a Master's from MIT (light field rendering), and a BS from UC Berkeley, Aaron brings a unique perspective: AI security isn't about philosophical debates. It's about rigorous engineering, continuous red teaming, and building systems that can withstand determined adversaries. This episode is essential listening if you're: deploying AI in production systems, building security programs around generative AI tools, leading attack surface management initiatives, trying to separate AI security theater from actual resilience, or wondering whether your AI agents can operate safely on the open web. #AI Related Episodes: Identity: The Kill Switch for AI Agents Securing AI in the Enterprise Inside AI Runtime Defense About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

Can AI agents be trusted when 80% of today's breaches start with compromised identities? Carey Frey, Chief Security Officer at TELUS, joins Threat Vector host David Moulton to tackle the most overlooked security challenge in the AI revolution: identity. With 20+ years protecting everything from Canada's Communication Security Establishment to one of North America's largest telecommunications companies, Carey brings hard-won wisdom about why identity isn't just important—it's the foundation that determines whether agentic AI becomes a force multiplier or an attack surface disaster. You'll learn: Why 95% of organizations haven't thought about AI agent identity (and what happens when they deploy anyway) The single data layer CISOs need to build before AI agents can operate safely at scale How threat actors have already abandoned malware for something far simpler—and why AI makes it exponentially worse What "delegated authority" means for AI agents and why Gmail's EA permissions model points the way forward The maturity model that tells you if your identity foundation will crumble under agentic AI Carey leads security programs protecting TELUS's global assets while delivering managed cybersecurity services to 450+ customers across Canada. As a member of the Security Innovation Network (SINet), he co-authored practitioner guidance defining what "AI-native identity fabric" actually means—and why solving identity before deploying agents isn't optional. His insights bridge 20 years of government intelligence work with real-world enterprise security at telecommunications scale. Read Carey's work on identity and AI: The AI Revolution: Identity Will Unleash Its Full Power SINet Identity Working Group Strategic Guide This episode is essential listening if you're: evaluating AI agent platforms, struggling with fragmented IAM systems across cloud and on-prem, implementing Zero Trust for non-human identities, or trying to understand why identity suddenly became the CISO's #1 priority after being the "third rail" for decades. Related Episodes: Transform Your SOC And Get Ahead Of The Threats Securing AI in the Enterprise How to Scale Responsible AI in the Enterprise Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

What does it take to lead the world's largest cybersecurity company through the AI revolution—without breaking things? Nikesh Arora, Chairman and CEO of Palo Alto Networks, doesn't sugarcoat it: security always becomes an afterthought during innovation cycles. In this special 100th episode of Threat Vector, Nikesh sits down with host David Moulton to share how he transformed Palo Alto Networks from a $2.7B firewall company into the world's largest cybersecurity platform—and why the AI inflection point requires a completely different playbook. You'll learn: Why security inevitably lags innovation (and the psychology behind "Jerry-rigging production") The three-part strategic framework that separates winners from losers during inflection points How "deep laziness" drives first-principles thinking and better decision-making Why enterprises will need 3-5x more data consumption to properly train AI How Palo Alto Networks reduced mean time to detect from 4 days to 1 minute through architectural reinvention What 11 pages of written business principles look like in practice Before Palo Alto Networks, Nikesh served as President and COO at SoftBank and spent nearly a decade at Google as Chief Business Officer. He's seen consumer tech explosions, enterprise transformations, and now leads cybersecurity's response to AI—giving him a rare vantage point on how companies actually navigate technological shifts. The conversation ranges from rapid-fire questions about cricket and family time to deep strategic thinking about looking around corners, normalizing pressure, and the radical bets required to transform a company. Nikesh shares how intent matters more than perfection, why automation will eventually require AI to execute on our behalf, and what he wants his legacy to be. This episode is essential listening if you're: navigating AI adoption without clear playbooks, leading teams through uncertainty, trying to balance innovation velocity with security discipline, or building long-term strategy when the ground keeps shifting beneath you. Related Episodes: Why Security Platformization Is the Future of Cyber Resilience  Securing the AI Frontier  Transform Your SOC and Get Ahead of the Threats  #Leadership #AI Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

AI security is no longer optional, it’s urgent. In this episode of Threat Vector, David Moulton sits down with Ian Swanson, former CEO of Protect AI and now the AI Security Leader at Palo Alto Networks. Ian shares how securing the AI supply chain has become the next frontier in cybersecurity and why every enterprise building or integrating AI needs to treat it like any other software pipeline—rife with dependencies, blind spots, and adversaries ready to exploit them. They also explore "vibe coding" the practice of developers relying on instinct and intuition rather than rigorous review when coding with or around LLMs. It's a fun name for a very real risk. Whether you're a CISO, a developer, or anyone helping shape AI in your organization, this conversation is your guide to locking down AI before it locks you out. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

What if the choices we make about AI security today determine who holds power tomorrow? Erica L. Shoemate brings over a decade of experience from the FBI and U.S. Intelligence Community, followed by senior leadership roles at Twitter, Amazon, and Meta shaping AI policy, cyber strategy, and regulatory readiness. As founder of The EN Strategy Group, she operates at the intersection where national security, emerging technology, and human-centered design collide. In this episode, David Moulton and Erica explore how AI is fundamentally reshaping the security landscape, from compressed decision-making timelines and asymmetric threat capabilities to the erosion of trust that creates strategic vulnerabilities. You'll learn: - Why AI governance can't be an afterthought—and how building policy alongside innovation creates competitive advantage, not friction - How the "new security order" is lowering disruption costs while amplifying ambiguity, enabling smaller actors to generate outsized impact - Why human-centered design isn't about empathy as a value—it's about operational clarity that prevents cognitive overload from becoming a security risk - The framework for balancing innovation and restraint: treating policy as guardrails, not brakes, while red-teaming AI systems before deployment - How trust functions as a national security asset—and why overconfidence is the fastest way to lose it Erica brings rare perspective from both classified intelligence operations and private sector AI deployment at scale. She challenges the assumption that speed and security are trade-offs, arguing instead that ethical AI systems are more durable, more resilient, and ultimately more profitable than those built without accountability. With AI compressing the timeline from detection to decision to response, the margin for error has never been smaller. This conversation reveals why the choices security leaders make right now—about governance, diversity, transparency, and human oversight—will define who is protected, who is exposed, and who maintains strategic advantage in an AI-driven future. This episode is essential listening if you're: - A CISO or security leader deploying AI-enabled systems who needs to balance innovation velocity with governance rigor - A policy professional struggling to keep pace with AI deployment timelines and seeking frameworks that enable rather than block - Anyone responsible for building trust in AI systems—whether with users, regulators, or boards—who recognizes transparency as competitive advantage Related Episodes: - Securing AI in the Enterprise with Tanya Shastri - Deep dive into AI governance frameworks and platformization strategies - How to Scale Responsible AI in the Enterprise with Noelle Russell - Building AI systems with fairness, accuracy, and security as foundational design choices - From Policy to Cyber Interference with Tom Bossert - Bridging national security policy and operational cybersecurity #AISecurity #CyberGovernance About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this episode of Threat Vector, David Moulton is joined by Keith Mularski, Chief Global Ambassador at Qintel and former FBI cybercrime investigator, to explore how threat intel forged in the underground is reshaping today’s SOC. Keith shares lessons from his legendary career—undercover operations, dismantling DarkMarket, and leading some of the FBI’s most successful cybercrime takedowns. Together, they dig into how security operations centers can evolve by adopting the mindset of the adversary. You’ll hear why today’s SOC needs to prioritize threat context over alert volume, how collaboration across sectors drives real transformation, and why the next leap in SOC maturity won’t be technical—it’ll be strategic. You can also find Keith as one of the hosts of N2K CyberWire's ⁠Only Malware in the Building⁠ podcast that publishes the first Tuesday of each month. Check it out.  Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this episode of Threat Vector, host Michael Heller, Managing Editor for Cortex and Unit 42 and Executive Producer of the podcast, sits down with long-time security leaders Greg Conti and Tom Cross to unpack the hacker mindset and the idea of “dark capabilities” inside modern technology companies. Greg, Principal at Kopidion Cybersecurity and a former Army Cyber Institute founder, and Tom, Head of Threat Research at GetReal and Senior Associate at Kopidion, explain why the real risk is not just what a product is supposed to do, but everything it is technically capable of doing in the hands of insiders, governments, or determined adversaries. Drawing on their DEF CON trainings in adversarial thinking and recent talks on effects based operations for tech companies, they explore how security leaders can systematically map their organization’s hidden capabilities, stress test them with an “if we decided to be evil” lens, and then build the technical and institutional guardrails that keep both people and platforms aligned with ethical and strategic goals. This conversation is especially important for decision makers tasked with securing the workforce in an era of AI, pervasive sensors, and increasingly blurred lines between defense and offense. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership at Unit 42, speaks with Jiphun Satapathy, SVP and CISO of Medallia. They discuss how security and user experience must coexist in today’s hybrid and AI-driven workplace. Satapathy explains how Medallia secures its global workforce, manages SaaS adoption, and uses enterprise browsers to protect users without adding friction. The conversation explores GenAI risk, shadow AI, endpoint visibility, and how SASE architecture enables smarter, safer workflows. Learn how CISOs can rethink old processes to keep innovation and protection in balance. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

We dive into a nostalgic yet revealing journey through classic hacker films, from WarGames to The Net and beyond, to assess what they got right, what they wildly imagined, and what those stories say about culture, fears, and cyber reality today. David Moulton, Senior Director of Thought Leadership for Unit 42  talks with Ben Hasskamp, Global Content Leader at Palo Alto Networks, who has been writing deeply on this intersection of media, tech, and risk. Together, we’ll examine how cinematic depictions of hacking have shaped public perception, influenced policy, and sometimes eerily foreshadowed modern cyber threats. Expect a blend of film critique, security insight, and cultural reflection. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this special episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership for Unit 42, sits down with Stav Setty, Principal Researcher at Palo Alto Networks, to unpack Jingle Thief a cloud-only, identity-driven campaign that turned Microsoft 365 into a gift card printing press. Stav explains how the Morocco based group known as Atlas Lion lived off the land inside M365 for months at a time, using tailored phishing and smishing pages, URL tricks, and internal phishing to compromise one user and quietly pivot to dozens more. Together, David and Stav walk through how the attackers abused legitimate identity features like device registration, MFA resets, inbox forwarding rules, and ServiceNow style access requests to blend into normal business workflows and monetize “digital cash” in the form of gift cards. They dig into why MFA alone is not safety, why identity is now the real perimeter, and how behavioral analytics, UEBA, and ITDR can piece together small signals into a clear story of compromise. You’ll come away with practical steps to harden identity posture, spot early warning signs in cloud environments, and protect high value systems where trust can be turned directly into profit. To go deeper on this campaign and the Atlas Lion threat actor, read the Unit 42 article Jingle Thief Inside a Cloud-Based Gift Card Fraud Campaign at https://unit42.paloaltonetworks.com/cloud-based-gift-card-fraud-campaign/ Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

In this episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership for Unit 42, speaks with Elad Koren, Vice President of Product Management for Cortex Cloud at Palo Alto Networks. With the 2025 Unit 42 Incident Response Report showing that adversaries can move from initial compromise to data theft in less than five hours, Elad explains why reactive security models can no longer keep up. He outlines how complexity in cloud environments, rising attacker speed, and the use of AI-driven automation have reshaped the threat landscape, leaving defenders little time to respond. The conversation dives into why posture and configuration alone are not enough, how uniting vulnerability management and threat detection eliminates blind spots, and why "peacetime" and "wartime" security must finally converge. Listeners will learn how to build trust between security and development teams, what it takes to truly shift left, and how unifying data and context enables faster and smarter decision-making. For security leaders ready to evolve from firefighting to forewarning, this episode offers a clear roadmap to proactive and resilient defense. Join the conversation on our social media channels: Website:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠ Twitter:⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

On this episode of Threat Vector, host David Moulton sits down with Andy Piazza, Senior Director of Threat Intelligence at Unit 42, to unpack the good, the bad, and the ugly of AI in security. We explore how AI is accelerating detection and response, where it’s already saving thousands of analyst hours, and why human-in-the-loop still matters. We also examine the darker side: LLMs in command-and-control, deepfake-driven fraud, model drift, and data governance blind spots. For security leaders evaluating AI, Andy shares practical questions to cut through hype, real metrics that matter, and a blueprint for building trust. This conversation is essential for decision-makers aiming to secure AI everywhere while strengthening identity controls and SOC workflows. Join the conversation on our social media channels: Website:⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠ Threat Research:⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠ ⁠⁠⁠@paloaltonetworks⁠ Twitter:⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠ ⁠http://paloaltonetworks.com.

While our team is out on winter break, please enjoy this encore episode of Threat Vector . Join⁠ David Moulton⁠, Senior Director of Thought Leadership for Unit 42, as he sits down with⁠ Kyle Wilhoit⁠,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up ⁠2600: The Hacker Quarterly⁠ magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility.  Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: ⁠Hacking Exposed Industrial Control Systems⁠ and ⁠Operationalizing Threat Intelligence⁠. As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals.⁠ ⁠ ⁠Connect with Kyle on LinkedIn⁠ Previous appearances on Threat Vector:  Inside DeepSeek’s Security Flaws (Mar 31, 2025) ⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws⁠ War Room Best Practices (Nov 07, 2024)⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices⁠  Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research⁠  Learn more about Unit 42's threat research at ⁠https://unit42.paloaltonetworks.com/⁠.  Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at⁠ https://www.paloaltonetworks.com/podcasts/threat-vector⁠. Join the conversation on our social media channels: Website:⁠ http://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/ YouTube:⁠ ⁠⁠⁠⁠⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠⁠http://paloaltonetworks.com⁠