Secure Networks: Endace Packet Forensics Files
Author: Michael Morris
© 2025 Endace Technology. All Rights Reserved.
Description
"Secure Networks: Endace Packet Forensics Files" features interviews with leading cybersecurity and networking experts from companies such as Cisco, Darktrace, Palo Alto Networks, and others. It focuses on the issues that Security, Network Operations and DevOps teams face in securing and managing their networks and applications and provides insights into best practices and future developments.
57 Episodes
Unlock the Power of Network Packet Data in Cybersecurity. In this episode of the Endace Packet Forensics Files, Michael Morris dives into the critical role of network packet data in cybersecurity with Matt Bromiley, a seasoned threat-hunting expert. Matt shares why robust detection systems and proactive threat hunting are essential, and how network data serves as the “glue” that ties together evidence in cybersecurity investigations. The challenges of managing large data volumes, the growing ...
Ransomware has shifted from simple, isolated attacks to coordinated, human-operated campaigns that target entire organizations. In this episode of the Endace Packet Forensics Files, Michael Morris talks with Ryan Chapman, SANS Instructor and expert in Digital Forensic and Incident Response (DFIR) about these evolving threats. Ryan explains how attackers are becoming more methodical and sophisticated, focusing on disabling EDR/XDR solutions to evade detection and leaving organiza...
In this episode, I chat with Taran Singh, VP of Product Management at Keysight Technologies, about network observability. Taran explains its importance within the zero-trust architecture and discusses the challenges organizations face in achieving clear network visibility. He highlights the role of historical data analysis in cybersecurity and outlines Keysight's approach to network visibility. Don’t miss this insightful discussion on network observability and its signifi...
In this episode of the Endace Packet Forensics Files, Michael chats with Jake Williams, aka @MalwareJake, who delves into the concept of Zero Trust and its significance for organizations seeking to bolster their security defences. Discover how Zero Trust challenges traditional security models and learn about the crucial role of continuous verification and network visibility in mitigating threats. Gain valuable insights into networking fundamentals and the integration of cybersecurity principle...
In this episode of Secure Networks, Michael chats with Tanya Janca, aka SheHacksPurple, head of education and community at Semgrep and founder of We Hack Purple. Tanya discusses her transition from developer to security expert, the real issues behind the cybersecurity skills gap, and strategies for employee retention. She also dives into the implications of emerging technologies on security practices and the balance between automation and human expertise. Don’t miss these valuable insights. ...
In this episode of the Endace Packet Forensic Files, Michael Morris chats with Cybersecurity TikTok and Instagram influencer Caitlin Sarian, CEO of Cybersecurity Girl LLC, who discusses her journey into the cybersecurity field and her mission to break down stigmas surrounding the industry. Caitlin highlights the need for continuous learning in the rapidly evolving cybersecurity landscape and recommends various channels for staying updated, including news alerts, newsletters, and professional ...
Are SPAN ports sufficient to provide network traffic visibility for high-quality security (NDR) and network (NPM) investigations? What about cloud workloads? What do you need to gain insights into cloud network activity? In this episode of the Endace Packet Forensic Files, I talk with Eric Buchaus, Director of Sales at Niagara Networks. Eric outlines potential pitfalls and challenges associated with SPAN ports and highlights situations where they may fall short for network and security ...
In this episode of the Endace Packet Forensics Files, Michael Morris talks with Martyn Crew, Senior Director, Solutions Marketing and Partner Technologies at Gigamon, a 30-year veteran in the cyber security and network management space. Martyn shares his expertise on the limitations and risks associated with exclusively using log and meta-data as the primary resources for your security team's investigations. He discusses various use cases where network traffic and full packet data can play a ...
In this Episode of Packet Forensics Files, Endace's Michael Morris talks to Lionel Jacobs, Senior Partner Engineer, ICS and SCADA security expert, at Palo Alto Networks. Lionel draws on his more than 25 years of experience in OT and almost a decade at Palo Alto Networks in discussing some of the challenges of securing OT, IoT and critical infrastructure from cyber-attack. Lionel talks about the challenge of detecting attacks in OT environments, how to spot unusual activity, and the importanc...
In this Episode of Packet Forensics Files, Michael Morris asks Al Edgar, former Information Security Manager for Health Alliance - and now IT Security Manager at Endace - about some of the important areas a security leader needs to focus on and what new challenges they are facing. Firstly, Al says, it’s important to take a holistic approach to cybersecurity, by looking at the three critical components for robust security: people, processes, and technology. He stresses the importance of ...
What are some of the challenges of responding to a serious incident – such as a ransomware attack or advanced persistent attack? Where do you start, and what are the critical things you need to do? In this episode we are lucky to welcome Jasper Bongertz, Head of Digital Forensics and Incident Response at G DATA Advanced Analytics in Germany. Jasper has a wealth of experience from working in the front line of incident response at G DATA as well as in his previous role at Airbus. He also has a...
How did Wireshark come to be, and what’s made it so successful – not just as the pre-eminent tool for analyzing network packet data, but as an open-source project in general? In this episode Michael Morris talks to Wireshark founder, Gerald Combs, and Endace CTO, Stephen Donnelly, about the origins of Wireshark, and why packet capture data is so crucial for investigating and resolving network security threats and network or application performance issues. Gerald talks about the early days of...
Increasingly complex systems, expanding threat landscape, and explosion in the number of potential entry points all make managing security at scale a daunting prospect. So what can you do to implement effective security at scale and what are some of the pitfalls to avoid? In this episode Michael Morris talks with Dimitri McKay, Principal Security Strategist and CISO Advisor at Splunk, about where to start addressing the challenges of security at scale. He highlights the importance of robust r...
Cyberthreats are something all organizations are facing. But Pharmaceutical and Healthcare Providers have some unique challenges and vulnerabilities and come in for more than their fair share of attention from threat actors. What can your SOC team learn from some of the best practices these organizations are implementing? Are you architecting your environment to separate IOT devices from other critical assets and are you managing them with the same level of scrutiny? In this episode I talk wi...
In this episode of the Endace Packet Forensic files, Michael Morris talks to Jim Mandelbaum, Field CTO at Gigamon, about what “security at scale” means. Jim draws on more than a decade of experience as a CTO in the security industry, and shares best-practice tips to ensure that as your infrastructure evolves, your security posture keeps pace. Jim highlights the importance of leveraging automation to help deal with the increasingly complex network environment. Key to this is having visibility ...
In this episode of the Endace Packet Forensic files, Michael Morris talks with RoseAnn Guttierrez, Technical Enablement Specialist BM at IBM Security and a former SOC analyst. Rose shares her experience of what a day in the life of a SOC engineer is really like. She discusses the best practices she and her team put in place to manage the day-to-day challenges and improve their security posture. She also highlights some of the tools that were most valued in their daily operations and the crit...
In this episode of the Endace Packet Forensic files, Michael Morris talks with Andrew Stewart, Senior National Security and Government Strategist at Cisco. Andrew, CAPT, USN (Ret.) is a Senior Federal Strategist at Cisco where he implements strategies to support innovative cybersecurity and AI/ML solutions across the Federal Government. He also served as the Commanding Officer and Program Manager at the Navy Cyber Warfare Development Group (NCWDG). With Andrew’s experience in nati...
Threat hunting is a critical cybersecurity activity that is growing in importance and prevalence around the globe. Are your SOC analysts developing the skills and toolsets they need to enable more efficient and effective threat hunting? What are the inhibitors your teams face and do you have the right tools and processes in place? In this episode of the Endace Packet Forensic files, Michael Morris talks with Chris Greer of Packet Pioneer. Chris is an experienced protocol analyst ...
In this episode, Endace's Michael Morris welcomes back Justin Fier, VP Tactical Risk and Response at Darktrace (who was our very first guest in this series almost 40 episodes ago!) to talk about nation-state cyber, where he sees the threats lie, and what organizations can do to better prepare for possible attacks. Justin talks about some of the great work being done by organizations like CISA, and the signs of increased collaboration between nation state defenders as being positive indicatio...
As data growth accelerates and distributed workloads increase, enterprises are prioritising cost efficiency and space minimization in modern datacenters. They are looking to leverage new technologies and use smaller, more cost-efficient appliances to reduce cost and improve efficiency. By architecting infrastructure to prioritize stability and robustness and focusing on reducing carbon footprint, organizations can dramatically reduce power, storage and cooling requirements while also improvin...
In this episode of the Endace Packet Forensic files, Endace's Michael Morris talks with Rick Jenssen, VP of Global Operations for Plixer, who shares his experience in building robust security at scale. Rick recommends some best practices to address the common challenges in delivering resilient security in large environments and talks about ways to address the flood of alarms SOC teams face on a daily basis. He suggests a nice, six-step, iterative approach to continually improving your secur...
What does it mean to have security at scale? For large infrastructures with rapid data growth have you maintained or improved your security posture as you have scaled? In this episode of the Endace Packet Forensic files Michael Morris talks with Neil Wilkins, Technical Director for EMEA at Garland Technology, who outlines some of the challenges he sees organizations facing when it comes to maintaining security at scale. He shares some recommendations and best practices to get on ...
What did we learn from the recent Log4J 2 vulnerability? How are security holes like this changing the way organizations think about deploying enterprise software solutions? In this episode of the Endace Packet Forensic files Michael Morris talks with Timothy Wilson-Johnston about the Log4J 2 threat and how it is being exploited in the wild. Timothy shares his thoughts about what Log4J 2 has taught us, and why organizations need to look at the bigger picture: - How can you better defend aga...
Increasingly the security of Operational Technology (OT) - Industrial Control Systems - is a major focus of concern. These systems are used in many environments across industries such as manufacturing, transportation, energy, critical infrastructure and more, and are a target for both sophisticated, nation-state attackers and cybercriminals. In this episode of the Endace Packet Forensic files Michael Morris talks with Rick Peters, CISO Operational Technology at Fortinet. With a long career ...
In this episode of the Endace Packet Forensic files Michael Morris talks with Ron Ross, Fellow at NIST, who shares how cyber security standards are evolving to keep pace with new threats and challenges. Ron highlights where he sees most organizations falling short and the highest priorities they should be addressing. He shares some insights into new standards and recommendations for protecting operational technologies which are becoming an attractive target for threat actors. Finally, Ron tal...
In this episode of the Endace Packet Forensic files Michael Morris talks with Merritt Baer, Principal in the Office of the CISO at AWS, who shares her experience in how to design and build robust, dynamic security at scale. Merritt discusses what security at scale looks like, some of the things that are often missed, and how to protect rapidly evolving hybrid cloud infrastructures. She highlights some common pitfalls that organizations run into as they shift workloads to cloud providers...
Modernizing the SOC is one of the latest trends cyber security teams are undertaking to stay current and on a level playing field against today’s threat actors. Whether it is adapting to simply keep up with the volume of threats or implementing AI and ML technologies to find and prevent more sophisticated threat vectors, SecOps need to improve and upgrade. In this episode of the Endace Packet Forensic files, Michael Morris talks with seasoned SOC Director, Kamal Khlefat, now Product Manager at ...
In this episode of the Endace Packet Forensic files, Michael Morris talks with Tony Krzyzewski, Director of SAM for Compliance, Global Cyber Alliance Ambassador, and New Zealand’s Convenor on the International Standards Organization SC27 Information Security, Cybersecurity and Privacy Protection Standards Committee. With more than four decades working in IT and Networking, and almost three decades in cybersecurity, there are few more experienced practitioners than Tony. In this episode, Tony d...
In this episode of the Endace Packet Forensic files, Endace's Michael Morris talks with Tim Dales, VP of Labs and Analyst for IT Brand Pulse. Tim shares the results of an IT Brand Pulse study that examines the cost of in-house developed packet capture solutions versus off-the-shelf, vendor-built solutions. Tim shares details of the report's findings including the pros and cons and some of the key things many people don’t consider before trying to build solutions in-house. Finally...
In this episode of the Endace Packet Forensic files I talk with Tim Wade, Technical Director from the Office of the CTO at Vectra.AI, who shares his insights into the “SOC Modernization” trend and three pillars that he suggests require a change in thinking to ultimately be successful. Tim starts with a fundamental change in philosophy - he suggests SOC teams need to shift from a “prevention” to a “resiliency” approach to cyberdefense. He illustrates the importance of taking incremental and it...
Cyber security teams around the globe are embarking on a variety of “modernization” initiatives, as they try to keep up with the dynamic threat landscape, but what are the must-have elements if you are looking to modernize your SOC? In this episode of the Endace Packet Forensic files I talk with Phillip Solakov, Client Solutions Director for Optiv Canada, who shares his view of what “SOC Modernization” means and what’s driving these efforts. Phillip explains some of the biggest issues SOC tea...
Many organizations are undertaking SOC and NOC modernizations, but what does this mean and what is driving it? If your company is planning a “modernization” you won’t want to miss this episode of the Endace Packet Forensic files as Pavel Minarik, CTO of Kemp Technologies, talks about what’s important and what is fueling the need to modernize. Pavel gives his insights into some of the biggest challenges NOCs and SOCs are facing and shares some tips to help these separate teams work together an...
How does an organization quantify its cybersecurity readiness and robustness? What does a strong cybersecurity posture look like? These are questions many CISOs and SecOps analysts are trying to figure out so they can sleep at night knowing they are doing all they can to protect their organization's cyber assets. In this episode of the Endace Packet Forensic files, Michael Morris talks with David Ellis, VP of Sales and Corporate Relations for SecureIQLab, who shares his insights in...
You won’t want to miss this episode of the Endace Packet Forensic files as I talk with Ajit Thyagarajan, Principal Security Architect for Cisco, who talks about the challenges security analysts are facing and shares his views and ideas on how to improve their day-to-day operation. Ajit shares the concept of the Intelligent Telemetry Plane that he and his team at Cisco have been developing. He highlights the value of the provenance of telemetry data and how important bringing different data so...
Nation-state cybersecurity is fast becoming the new battle frontline in international conflict. It is complicated by rogue threat actor groups inserting their cyber weapons into the mix, extorting money for funding, fanning the flames of nation-state disputes, and crippling potential targets. You won’t want to miss this episode of the Endace Packet Forensic files as I talk with Stephen Tsirtsonis, Director EMEA Federal Business for Endace, who shares his view of the threat landscape that gove...
Has the fluidity of your network perimeter created holes in your cybersecurity defenses? Tune in for this episode of the Endace Packet Forensic files as I get insights from expert cybersecurity consultant, and former CISO of Air New Zealand, Michael Wallmannsberger. Michael shares some of the systemic and foundational mistakes that he sees organizations are continuing to make that hamper their security posture. He gives some great advice for new CISOs as to what to prioritize and to fo...
Are you aware if your network has spoofed DNS traffic and do you know what things to look for in your network traffic to find supply chain attacks? If you’re not sure then you won’t want to miss this episode of the Endace Packet Forensic files as I talk with Alex Kirk, Director Global Principal Engineer for Corelight. Alex gives his expert insights into the details of the SolarWinds Sunburst supply-chain attacks, what to look for, and why it took so long for security experts to uncover the...
What are the latest threats that Threat Intelligence teams are seeing and what are they recommending as best practices for defending against the latest cybersecurity threats? You won’t want to miss this episode of the Endace Packet Forensic files as Michael sits down with Craig Williams, Director of Talos Outreach at Cisco. Craig talks about how threats have been evolving over the last year - particularly during the Covid-19 pandemic - and gives us some insights into recent high...
Do your cybersecurity skills meet foundational requirements for security analysts of tomorrow? You won’t want to miss this informative episode with Dr. Ryan Ko, Chair and Director of Cybersecurity for the University of Queensland. Ryan talks about how the university is building programs around the critical skills needed by cybersecurity analysts of the future. Ryan is a founder of, and contributor to, the CCSP certification and has developed a variety of masters and post-graduate degree progr...
Interested in hearing what some of the UK’s leading government cyber defense experts are doing to address their biggest concerns and challenges? Then don’t miss this insightful episode with Tim Dudman, Senior Principal Consultant for Riskaware, where he shares his experiences in collaborating with academia, industry, and UK Defense funding to generate leading-edge cybersecurity capabilities. ABOUT ENDACE ***************** Endace (https://www.endace.com) is a world leader in high-performance p...
Want to hear about the latest attack trends, what to expect in the future and how best to prepare your defenses? Then don’t miss this episode of our Packet Forensic Files series as Michael catches up with Jen Miller-Osborn from Unit 42 – the threat intelligence group at Palo Alto Networks.
Are you struggling to see all the things happening on your network and ensure you are thoroughly monitoring and securing your cyber architecture? You won’t want to miss our latest episode of the Endace Packet Forensic Files series with special guest, Chris Bihary, CEO and Founder of Garland Technology. Chris’s expertise as an innovator and network solution problem solver is unparalleled. In this episode, he shares his insights on the fundamentals for any robust network and security architectu...
How is cybersecurity training and expertise affecting SecOps teams’ ability to effectively manage and secure their cyber-infrastructures? If you want to hear insights from someone with 30 years in the network security industry don’t miss our first episode of the Endace Packet Forensic Files series for 2021 with special guest, Brian Ford, Assistant Professor at the State University of New York at Farmingdale and former Cisco Security Expert. Brian shares his insights into how focused threat hu...
Looking for insights into how to improve your cybersecurity posture? You won’t want to miss the last episode of the Endace Packet Forensic Files for 2020. This episode's special guest is Brett White, Cyber Security Advisor and Architect. Brett has many years of experience at Juniper, Cisco and Palo Alto Networks architecting security solutions and advising clients how to improve their security stacks and processes. He has also worked as both an in-house CISO and as a “CISO for hir...
How are Government agencies being pushed to transform in the new cybersecurity landscape? If you want to hear insights from someone from the inside don’t miss our latest episode of the Endace Packet Forensic Files with special guest Juliana Vida, Chief Technical Advisor for Splunk Public Sector. Juliana had a long and highly distinguished career as a Navy Officer serving as a helicopter and ship pilot before ultimately becoming Deputy CIO for the US Navy. In this episode, she shares her insig...
Security Orchestration, Automation and Response, or SOAR is the hottest growth area in the cybersecurity industry and probably one of the most complex adoptions for most security teams to undertake. You won’t want to miss our latest episode of the Endace Packet Forensic Files Vidcast/Podcast series with special guest Paul Giorgi, CTO for DeFY Security. Paul has had many years of experience building and implementing security solutions with DeFY Security customers. In this episode he suggests s...
Concerned about changes happening in the cybersecurity threat landscape? Then you want to tune in for this latest episode of the Endace Packet Forensic Files Vidcast/Podcast series with special guest Thomas Pore, VP of Technical Services for Plixer. Thomas talks about the growing problems of insider threats, Covid-19 phishing scams and the importance of VPN monitoring to ensure you’re not missing breaches occurring outside your physical perimeter.
What are some of the top things on the minds of CISOs in today’s COVID-affected, remote-working, rapidly digitally transforming world? If you want to hear what's dominating their thinking then don’t miss our latest episode of the Endace Packet Forensic Files Vidcast/Podcast series with special guest Kate Kuehn, SVP at vArmour. Kate is a seasoned security executive with years of experience as a CISO herself as well as working alongside many other CISOs. In this episode, Kate talks about what s...
Don’t miss this latest episode of the Endace Packet Forensic Files Vidcast/Podcast series with special guest Shamus McGillicuddy, VP of Research at Enterprise Management Associates (EMA). Shamus is an industry-leading market research analyst with years of experience in the Network Operations space. In this episode he shares his insights into some of the biggest changes going on with NetOps teams, and tools, including the impact of the pandemic and the massive shift to remote workforces which ...
Catch our latest episode of "Secure Networks - the Packet Forensic Files" vidcast/podcast series with this week’s special guest Scott Register, VP of Security Solutions for Keysight Technologies. Scott, with his years of experience in building security solutions, shares some of the biggest challenges SecOps teams are facing in today’s environment and what they are doing to solve them. He talks about the latest trends in the threat landscape and what security teams are doing to test and monito...