Endace Packet Forensics Files: Episode #25

Original Entry by : Michael Morris

Michael talks to David Ellis, VP Sales and Corporate Relations, SecureIQLab

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

How does an organization quantify its cybersecurity readiness and robustness?  What does a strong cybersecurity posture look like?  These are questions many CISO and SecOps analysts are trying to figure out so they can sleep at night knowing they are doing all they can to protect their organization’s cyber assets.

In this episode of the Endace Packet Forensic files, I talk with David Ellis, VP of Sales and Corporate Relations for SecureIQLab, who shares his insights into what the SecureIQLab team sees in their role as both a test lab and a security assessment consultancy.

David outlines the elements of a successful security team and what metrics SecOps should be monitoring to quantify their security posture.  He shares common vulnerabilities that he sees many organizations are still facing and the table-stakes that every security team should have in terms of tools, processes, and policies.

Finally, David talks about what frameworks and standards teams should be adopting and what the process for your organization might look like if you want to get into a security audit and assessment.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #24

Original Entry by : Michael Morris

Michael talks to Ajit Thyagarajan, Principal Security Architect for Cisco

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

The cybersecurity landscape is constantly changing with new Zero-Day Threats, double-extortion ransomware attacks and continuously evolving phishing techniques. The volume of threats and the pace of change are impacting the way SecOps teams operate and pushing them to find new ways to connect disparate data sources in order to automate processes and improve incident response times.

You won’t want to miss this episode of the Endace Packet Forensic files as I talk with Ajit Thyagarajan, Principal Security Architect for Cisco, who talks about the challenges security analysts are facing and shares his views and ideas on how to improve their day-to-day operation.

Ajit shares the concept of the Intelligent Telemetry Plane that he and his team at Cisco have been developing. He highlights the value of the provenance of telemetry data and how important bringing different data sources together is to staying ahead of threat actors.

Finally, Ajit shares some ideas about the types of challenges a common telemetry management platform can help solve and what to keep your eyes on over the year ahead when it comes to security threats and cyber defense.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #23

Original Entry by : Michael Morris

Michael talks to Steve Tsirtsonis, Director EMEA Federal Business for Endace

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Nation-state cybersecurity is fast becoming the new battle frontline in international conflict. It is complicated by rogue threat actor groups inserting their cyber weapons into the mix, extorting money for funding, fanning the flames of nation-state disputes, and crippling potential targets.

You won’t want to miss this episode of the Endace Packet Forensic files as I talk with Steve Tsirtsonis, Director EMEA Federal Business for Endace, who shares his view of the threat landscape that government agencies around the world are facing and how it is evolving.

Steve talks about what he sees governments doing to combat escalating cyber threats, what are some of the unique challenges they face and how they are evolving their security using SOAR, AI and NDR tools to be as prepared as possible to defend critical infrastructure.

Finally, Steve gives his thoughts on the key things security teams should look out for in the years ahead and what we can all learn from government security practices.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #22

Original Entry by : Michael Morris

Michael talks to Michael Wallmannsberger, Security Consultant and former CISO of Air New Zealand

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, EndaceHas the fluidity of your network perimeter created holes in your cybersecurity defenses?

Tune in for this episode of the Endace Packet Forensic files as I get insights from expert cybersecurity consultant, and former CISO of Air New Zealand, Michael Wallmannsberger.

Michael shares some of the systemic and foundational mistakes that he sees organizations are continuing to make that hamper their security posture.  He gives some great advice for new CISOs as to what to prioritize and to focus on as they build their security maturity.

Finally, Michael shares, from a CISO’S perspective, some key elements to start with to help you walk before you run in your push for stronger cybersecurity. And highlights the importance of taking the time to develop your organization’s security competencies across the whole business.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #21

Original Entry by : Michael Morris

Michael talks to Alex Kirk, Global Principal Engineer, Corelight

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Are you aware if your network has spoofed DNS traffic and do you know what things to look for in your network traffic to find supply chain attacks?

If you’re not sure then you won’t want to miss this episode of the Endace Packet Forensic files as I talk with Alex Kirk Director Global Principal Engineer for Corelight.

Alex gives his expert insights into the Solarwinds Sunburst supply-chain attack, what to look for, and why it took so long for security experts to uncover the threat. He highlights the importance of asset management and the integration of IT planning into security operations practices and policies.

Finally, Alex gives tips for finding and preventing these types of attacks in the future and advises where he still sees many organizations have gaps in their security stacks.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #20

Original Entry by : Michael Morris

Michael talks to Craig Williams, Director of Talos Outreach, Cisco

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

What are the latest threats that Threat Intelligence teams are seeing and what are they recommending as best practices for defending against the latest cybersecurity threats?

You won’t want to miss this episode of the Endace Packet Forensic files as Michael sits down with Craig Williams, Director of Talos Outreach at Cisco.

Craig talks about how threats have been evolving over the last year – particularly during the Covid-19 pandemic – and gives us some insights into recent high-profile security issues. He also shares some advice how you can validate your corporate applications and implement zero-trust policies to reduce your exposure to threats.

Finally, Craig talks through key elements of cyber security infrastructure that can help SOC teams investigate issues and evolve towards proactive threat hunting practices.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #19

Original Entry by : Michael Morris

Michael talks to Dr. Ryan Ko, Chair and Director of Cybersecurity for the University of Queensland

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Do your cybersecurity skills meet foundational requirements for security analysts of tomorrow?

You won’t want to miss this informative episode with Dr. Ryan Ko, Chair and Director of Cybersecurity for the University of Queensland. Ryan talks about how the university is building programs around the critical skills needed by cybersecurity analysts of the future.

Ryan is a founder of, and contributor to, the CCSP certification and has developed a variety of masters and post-graduate degree programs in Cybersecurity. He makes his case for why a broad inter-disciplinary approach will be critical for security teams in the years ahead.

Ryan also talks about how new breaches and threats such as supply chain attacks are becoming the norm and some approaches for hunting down these threats.

Finally, he shares what critical tools SOCs need in order to detect and mitigate these complex threats and how SOAR platforms can play a useful role – if implemented correctly.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #18

Original Entry by : Michael Morris

Michael talks to Tim Dudman, Senior Principal Consultant, Riskaware

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Interested in hearing what some of the UK’s leading government cyber defense experts are doing to address their biggest concerns and challenges?

Then don’t miss this insightful episode with Tim Dudman, Senior Principal Consultant for Riskaware, where he shares his experiences in collaborating with academia, industry, and UK Defense funding to generate leading-edge cybersecurity capabilities.

Tim talks about some of the gaps he sees across the industry and how AI and SOAR platforms are fitting in and complementing many security architectures.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #17

Original Entry by : Michael Morris

Michael talks to Jen Miller-Osborn, Deputy Director of Unit 42 at Palo Alto Networks

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, Endace

Want to hear about the latest attack trends, what to expect in the future and how best to prepare your defenses?

Then don’t miss this episode of our Packet Forensic Files series as Michael catches up with Jen Miller-Osborn from Unit 42 – the threat intelligence group at Palo Alto Networks.

Jen talks about some of the threat trends the team at Unit 42 has been seeing lately – including how ransomware attacks are becoming more sophisticated and targeted, how DDOS attacks are making a comeback, and what the recent Solarwinds “Sunburst” attacks have demonstrated.

She also provides some helpful tips for best practice cyber defense and talks about how the threat landscape might evolve over the next year or two.

Other episodes in the Secure Networks video/audio podcast series are available here.


Endace Packet Forensics Files: Episode #16

Original Entry by : Michael Morris

Michael talks to Chris Bihary, Founder and CEO of Garland Technology

By Michael Morris, Director of Global Business Development, Endace


Michael Morris, Director of Global Business Development, EndaceAre you struggling to see all the things happening on your network and ensure you are thoroughly monitoring and securing it?

You won’t want to miss our latest episode of the Endace Packet Forensic Files series with special guest, Chris Bihary, CEO and Founder of Garland Technology.

Chris’s expertise as an innovator and network solution problem solver is unparalleled. In this episode, he shares his insights on the fundamentals for any robust network and security architecture. Chris talks about the complexity of security stacks and why the sheer number of both in-line and out-of-band vendor solutions is making it increasingly challenging to ensure network performance and security.

Hear how to give your teams more time and better data to effectively investigate and mitigate threats and issues. Finally, get Chris’s outlook on the digital world for the year ahead and things you can do to strengthen your network’s performance and security.

Other episodes in the Secure Networks video/audio podcast series are available here.