Threat Vector by Palo Alto Networks

Epizode

• Encore: Securing Modern Workforce 04.06.2026 32min

  Enjoy this encore episode of Threat Vector by Palo Alto Networks. Hybrid work has changed the game, but has your security kept up? In this episode of Threat Vector,⁠ David Moulton⁠ sits down with⁠ Harish Singh⁠, Vice President and Global Head of Infrastructure and Application Management at Wipro, to unpack the evolving cybersecurity landscape at the intersection of digital transformation, SaaS expansion, and AI-powered operations. With decades of experience driving infrastructure modernization and risk mitigation across global enterprises, Harish brings a pragmatic lens to today’s most urgent challenges. They explore how context-aware SASE, secure enterprise browsers, and automation can reduce security complexity while enhancing user experience. If you're a security leader navigating app sprawl, unmanaged endpoints, or GenAI blind spots—this is your blueprint for staying ahead. Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com
• Encore: Is the Quantum Threat Closer Than You Think? 29.05.2026 44min

  In honor of AAPI Heritage Month, and as attackers increasingly stockpile encrypted data today to decrypt once quantum computing makes it possible, we're revisiting this episode. Quantum computing is advancing fast, and with it comes a major cybersecurity risk—the potential to break today’s encryption standards. In this episode of Threat Vector, host ⁠David Moulton⁠ speaks with ⁠Richu Channakeshava⁠, Senior Product Manager at Palo Alto Networks, about the urgent need for organizations to prepare for a post-quantum world. They discuss the risks of "harvest now, decrypt later" attacks, the painfully slow process of cryptographic migration, and the steps security leaders must take today to protect sensitive data. If your organization relies on encryption for long-term data security, this episode is a must-listen. Learn why waiting could be a critical mistake and how to start your transition to quantum-resistant cryptography now. Join the conversation on our social media channels: Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠ YouTube:⁠ ⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com⁠
• Follow the Crypto 21.05.2026 35min

  Every threat actor leaves a financial signature. Ransomware operators, state-sponsored hackers, fraud networks — they all need to move money, and when they do, the blockchain records it permanently. Jackie Burns Koven leads cyber threat intelligence at Chainalysis, where she tracks how criminal and nation-state actors use cryptocurrency to fund attacks, launder proceeds, and pay for the tools and infrastructure that power the underground economy. Before Chainalysis, she worked in the U.S. Intelligence Community on nuclear proliferation. She also serves on the Ransomware Task Force, the cross-sector coalition working to disrupt the financial ecosystem that makes ransomware profitable. In this conversation recorded live at the Links conference in New York, guest host Michael Sikorski, CTO of Unit 42, talks with Jackie about how blockchain intelligence works as a threat intelligence discipline, why open-source cryptocurrency is more exposed than most defenders realize, and what the financial signatures of threat actors can reveal that traditional IOCs cannot. You’ll learn: How blockchain intelligence connects wallets to threat actors, criminal networks, and nation-state operations Why cryptocurrency is relevant to every organization, even those that don’t pay ransoms or custody crypto What North Korea’s $2 billion in stolen cryptocurrency tells us about the scale of state-sponsored crypto crime How financial signatures can track a threat actor across rebrands, gang changes, and evolving crime types What most CTI analysts are missing by not having a blockchain tracing capability in their toolkit This episode is essential listening if you’re a threat intelligence analyst, incident responder, or security leader trying to understand the financial infrastructure that funds the attacks hitting your industry. Related Episodes: Muddled Libra: From Spraying to Preying in 2025 Lessons from the Underground #ThreatIntelligence #Ransomware About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠⁠
• The Human Side of Threat Intelligence 14.05.2026 34min

  Ingrid Parker, Director of Intel Response at Unit 42, has a background that doesn't fit the mold: art student, Army linguist, systems administrator deployed to Afghanistan, co-author of 11 Strategies of a World-Class Cybersecurity Operations Center. In this conversation, she and David dig into what it actually feels like to do threat intelligence at the highest levels — how you build the kind of thinking that lets you get inside an adversary's head, what you look for when you're hiring for that skill, and what the job quietly costs the people who do it well. Related Episodes: The Art of Threat Hunting — Ryan Chapman on how threat hunters develop instincts and expertise Transform Your SOC and Get Ahead of the Threats — Clay Brothers on SOC transformation and what makes teams resilient Designing Human-Centered Security Operations — Liz Pinder and Patrick Bayle on analyst burnout, focus, and what the SOC owes its people #ThreatIntelligence #CyberDefense About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• AI in the Wrong Hands 07.05.2026 39min

  AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard. You'll learn: How attackers are using AI to move faster, scale wider, and go deeper than ever before Why the moment you deploy AI, your security posture fundamentally changes What curiosity-driven leadership looks like when the threat landscape won't sit still How to close the gap between the security team's understanding of AI and the rest of the organization What Assaf learned from 25+ years on the frontlines that still applies in the AI era #CyberSecurity #AIRisk Related Episodes: The Good, the Bad, the Ugly of AI Inside AI Runtime Defense Securing AI in the Enterprise About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• Operation Winter SHIELD: What the FBI Wants Industry to Do Now 30.04.2026 37min

  The FBI sees every breach. You see yours. Adam Maddock, Section Chief of the FBI's Cyber Technical Analytics and Operations Section, and Jarrod Schlenker, Assistant Section Chief leading the FBI Cyber Division's private-sector engagement, join David Moulton to walk through Operation Winter SHIELD, the FBI's public campaign built on what investigators see repeated across hundreds and thousands of cases. Ten defenses. All of them rooted in real intrusions. Most of them still missing from too many organizations. You'll learn: Why SMS-based MFA is no longer enough, and what phishing-resistant authentication actually looks like in practice How end-of-life SOHO routers and IoT devices become obfuscation infrastructure for attacks against targets that never knew they were involved Why calling the FBI early in an incident changes what's possible, and what you lose if you wait What the FBI means when it says industry is a "critical ally," not a passive recipient of intelligence Why you don't need to have your act together before you call your local FBI field office, and why trying to might actually hurt the investigation This episode is essential listening if you're: a CISO or security leader wondering what law enforcement actually needs from you, an executive who doesn't yet have a relationship with your local FBI field office, or a practitioner trying to understand which defensive investments move the needle most. Resources: Operation Winter SHIELD at fbi.gov Operation Winter SHIELD One-Pager Related Episodes: Lessons from the Underground with Keith Mularski, former FBI special agent and Chief Global Ambassador at Qintel Inside the Mind of State-Sponsored Cyberattackers with Lior Rochberger, Unit 42 Risk, Resilience, and Real Talk with Sam Ainscow #Cybersecurity #CriticalInfrastructure About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• Breach School 23.04.2026 34min

  What does it take to go from staring at forensic images to sitting across from a CEO whose company is on fire? Steve Elovitz has spent his entire career in the room when things go wrong. He started in forensics and eDiscovery at PwC, moved to Booz Allen doing government work, then spent a decade at Mandiant before joining Unit 42 to lead North America consulting and incident response. The throughline across all of it: empathy. In this conversation, Steve reflects on what two decades of incident response actually teaches you about the people on the other side of a breach. The executives fighting for their jobs. The CISOs trying to communicate while everything's on fire. The analysts who need someone to have their backs. You'll hear how Steve's understanding of the job evolved as he moved from technical analyst to executive advisor, what the shift from forensic imaging to real-time response felt like from inside it, why identity keeps showing up in nearly every postmortem, and what briefing a board looks like when you get 15 minutes instead of the hour you planned for. Steve has advised Fortune 500 boards and C-suites through some of the most damaging breaches of the past two decades. His biggest lesson turned out to be the one no certification teaches. This episode is essential listening if you're a security professional trying to grow from analyst to advisor, or a leader building a team that can sustain this kind of work over a career. Related Episodes: Speaking Security in Board Language  Cybersecurity Metrics and Reporting to the Board  Transform Your SOC and Get Ahead of the Threats #IncidentResponse #Cybersecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• How Nations Hack, Spy, and Win 16.04.2026 38min

  Most people think nation-state cyberattacks are unpredictable. Allie Mellen wrote the book that proves they’re not. Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield and a leading industry analyst and former hacker. She advises Global 2000 organizations on detecting and responding to nation-state attacks. Her research career began as a hacker with work featured at Black Hat USA. She has partnered with multiple government agencies on election security and regularly briefs the Wall Street Journal, NPR, and the Washington Post. Allie joined Threat Vector previously to break down the XDR landscape and what’s next for security operations. This time, the conversation goes somewhere different. In this conversation with David Moulton, Allie breaks down the strategic logic behind attacks most defenders treat as random events. You’ll learn: Why nation-state attacks follow predictable strategic patterns, not chaos How military doctrine and national history shape a country’s hacking behavior What makes Stuxnet, WannaCry, NotPetya and the Sony Pictures hack so instructive How to tell the difference between espionage, disruption and destruction campaigns What defenders and executives can actually do with this knowledge Allie has spent years studying threat actors from China, Russia, Iran, North Korea, Israel and the United States. Her analytical framework connects the dots between geopolitical objectives and the technical tradecraft security teams see on the wire every day. This episode is essential listening if you’re a CISO translating threat intelligence into board-level strategy, a threat analyst trying to understand adversary intent, or a security leader who wants to think about the geopolitical forces shaping your threat landscape. Related Episodes: Inside the Mind of State-Sponsored Cyberattackers Confronting China’s Expanding Cyber Threats Lessons from the Underground A Hacker's Insights on Your Privacy Decoding XDR: Allie Mellen on What's Next Mentioned in the Show: Anthropic — "Disrupting the first reported AI-orchestrated cyber espionage campaign" https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf Published November 2025. Anthropic's Threat Intelligence team report on threat actor GTG-1002, a Chinese state-sponsored group that used Claude Code to execute 80-90% of a cyber espionage campaign autonomously — reconnaissance, exploitation, lateral movement, credential harvesting, and exfiltration — across roughly 30 global targets. Allie Mellen — Code War: How Nations Hack, Spy, and Shape the Digital Battlefield Read Allie's book, Code War, now: https://bit.ly/m/codewar #NationStateCyber #ThreatIntelligence About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• Attackers Have Agents. Do You? 09.04.2026 44min

  What happens when your security analyst isn't a person? Elad Koren, Vice President of Product Management for Cortex Cloud at Palo Alto Networks, returns to Threat Vector to pull back the curtain on what an agentic-first security experience actually looks like in practice. This isn't a vision deck. The agents are already running. When Elad joined the show for Why Proactive Security Can't Wait, he made the case that reactive security can no longer keep up with adversaries who move from initial compromise to data theft in under five hours. This episode picks up where that conversation ended, with host David Moulton and Elad discussing the tools built to close that gap. You'll learn: What "agentic-first analyst experience" means and why it changes the SOC fundamentally How Cortex is deploying autonomous agents across the platform and what they actually do What XDL 2.0 is and why defenders need to understand it now How product leaders are making security faster without making it reckless Elad brings over two decades of experience in security, spanning RSA, PerimeterX, Salt Security, and now leading product for Cortex Cloud at Palo Alto Networks. He holds a CISSP and a patent in autonomous risk monitoring. This episode is essential listening if you're: a security leader evaluating agentic AI tools, a product-minded practitioner curious how AI is reshaping cloud defense, or a CISO trying to figure out what's hype and what's already in production. #AI #Cloud #autonomous Related Episodes: Why Proactive Security Can't Wait Securing the Future of AI Agents Transform Your SOC and Get Ahead of the Threats #AIAgents #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• 39 Seconds to Breach 02.04.2026 41min

  Can your organization survive a breach in 39 seconds? That's how fast attackers are moving now, and if your defenses are still running at human speed, you're already behind. ⁠Wendi Whitmore⁠, Chief Security Intelligence Officer at Palo Alto Networks, returns to Threat Vector for a candid conversation with ⁠David Moulton⁠ about what it actually takes to build resilience in an era where AI is accelerating both the threat and the defense. Wendi brings more than two decades of experience leading incident response and threat intelligence at organizations including Mandiant, CrowdStrike, IBM X-Force, and Unit 42. She's an inaugural member of the DHS Cyber Safety Review Board and serves on cybersecurity advisory boards at Duke University and the University of San Diego. You'll learn: Why fighting AI with AI is the only viable response to today's attack speeds, including exfiltration happening in under a minute How Volt Typhoon and Salt Typhoon represent two fundamentally different threat objectives, and what that means for your defense posture What "cybersecurity for AI" means versus "AI for cybersecurity," and why organizations need both How the best incident response leaders translate between deep technical analysis and boardroom communication under pressure Why curiosity, not certifications, is the trait that separates great security practitioners from the rest Wendi is one of the most respected voices in national cybersecurity strategy, with a track record that spans major breaches, critical infrastructure defense, and the Paris Olympics. Her perspective on building teams, aligning talent to mission, and defending against nation-state actors at scale is grounded in real-world investigation, not theory. This episode is essential listening if you're: a security leader trying to align your AI strategy with your risk posture, a practitioner wondering how to make the case for faster detection and response investment, or someone building or managing a threat intelligence or incident response team. Related Episodes: ⁠Confronting China's Expanding Cyber Threats with Wendi Whitmore⁠ — Wendi's first appearance on Threat Vector, focused on Chinese nation-state activity and critical infrastructure targeting. ⁠Transform Your SOC and Get Ahead of the Threats⁠ — A deep dive on SOC transformation, AI-driven detection, and what it means to modernize your security operations center. ⁠The Art of Threat Hunting⁠ — How human analysts and AI work together to find what attackers are trying to hide. #CyberResilience #AIinCybersecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠
• The Four Horsemen of Agentic Risk 26.03.2026 36min

  Your AI agent just wiped an entire email inbox and said sorry. That's not a hypothetical. It already happened. Sailesh Mishra, Product Marketing at Palo Alto Networks and founder of SydeLabs (acquired by Protect AI), has spent years at the frontier of AI security, from scaling autonomous vehicle programs at Uber's Advanced Technologies Group to building and selling an AI red-teaming startup. He has a clear-eyed view of what autonomous agents can do, what they can be made to do, and what organizations are dangerously unprepared for. You'll learn: - Why the "lethal trifecta" of AI risk gains a fourth, more dangerous dimension when agents have persistent memory - How attackers can plant a logic bomb inside an agent's memory using entirely benign inputs, then trigger it later - What "identity" means for a piece of software, and why scoping agent behavior is the single most impactful security control - Why indirect prompt injection is already happening in the wild, not just in research papers - The two questions every CISO must answer before authorizing an autonomous agent deployment This episode is essential listening if you're a CISO evaluating your first autonomous agent deployment, a developer building agentic systems today, or a security practitioner trying to get ahead of a threat landscape that is moving faster than anyone expected. Related Reading: - OpenClaw (formerly Moltbot, Clawdbot) May Signal the Next AI Security Crisis - ​​The Moltbook Case and How We Need to Think about Agent Security Related Episodes: - Securing the Future of AI Agents - Inside AI Runtime Defense - Securing AI in the Enterprise #AIAgents #AISecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• Inside Ransomware Negotiations: Trust Criminals or Walk Away? 19.03.2026 30min

  What happens when you're face-to-face with a ransomware gang demanding millions—and every decision could determine whether your company survives? Jeremy D. Brown, Consulting Director at Palo Alto Networks Unit 42 with nearly seven years negotiating with cyber criminals, reveals the hidden world of ransomware negotiations. With hundreds of negotiations under his belt, Jeremy knows which groups honor their promises, which ones to never pay, and exactly what mistakes can cost you everything. You'll learn: - Why contacting a threat actor doesn't mean you have to pay (the #1 misconception that paralyzes victims) - How to extract critical forensic intelligence from attackers during initial contact - The fatal mistakes organizations make that destroy their negotiation leverage - Which ransomware groups are sanctioned entities that will land you in legal trouble if you pay - Why being polite to criminals actually gets you better outcomes than hostility Jeremy has negotiated with everyone from aggressive groups who email your executives to methodical operators following strict playbooks. He's seen organizations with backups walk away and others pay millions for decryption keys. Managing over 100 incidents, Jeremy has tracked how double extortion evolved from rare to standard practice, and now watches single extortion (data theft without encryption) surge again. This episode is essential for CISOs who need a negotiation plan before the crisis hits, incident responders building their skillset, and executives who must understand that ransomware response is about far more than just paying or not paying. #IncidentResponse #Ransomware Related Episodes: - Mastering the Basics: Cyber Hygiene and Risk Management - Crisis in the Kitchen About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• Who Holds Power When AI Compresses Decision Time? 12.03.2026 39min

  What if the choices we make about AI security today determine who holds power tomorrow? Erica L. Shoemate brings over a decade of experience from the FBI and U.S. Intelligence Community, followed by senior leadership roles at Twitter, Amazon, and Meta shaping AI policy, cyber strategy, and regulatory readiness. As founder of The EN Strategy Group, she operates at the intersection where national security, emerging technology, and human-centered design collide. In this episode, David Moulton and Erica explore how AI is fundamentally reshaping the security landscape, from compressed decision-making timelines and asymmetric threat capabilities to the erosion of trust that creates strategic vulnerabilities. You'll learn: - Why AI governance can't be an afterthought—and how building policy alongside innovation creates competitive advantage, not friction - How the "new security order" is lowering disruption costs while amplifying ambiguity, enabling smaller actors to generate outsized impact - Why human-centered design isn't about empathy as a value—it's about operational clarity that prevents cognitive overload from becoming a security risk - The framework for balancing innovation and restraint: treating policy as guardrails, not brakes, while red-teaming AI systems before deployment - How trust functions as a national security asset—and why overconfidence is the fastest way to lose it Erica brings rare perspective from both classified intelligence operations and private sector AI deployment at scale. She challenges the assumption that speed and security are trade-offs, arguing instead that ethical AI systems are more durable, more resilient, and ultimately more profitable than those built without accountability. With AI compressing the timeline from detection to decision to response, the margin for error has never been smaller. This conversation reveals why the choices security leaders make right now—about governance, diversity, transparency, and human oversight—will define who is protected, who is exposed, and who maintains strategic advantage in an AI-driven future. This episode is essential listening if you're: - A CISO or security leader deploying AI-enabled systems who needs to balance innovation velocity with governance rigor - A policy professional struggling to keep pace with AI deployment timelines and seeking frameworks that enable rather than block - Anyone responsible for building trust in AI systems—whether with users, regulators, or boards—who recognizes transparency as competitive advantage Related Episodes: - Securing AI in the Enterprise with Tanya Shastri - Deep dive into AI governance frameworks and platformization strategies - How to Scale Responsible AI in the Enterprise with Noelle Russell - Building AI systems with fairness, accuracy, and security as foundational design choices - From Policy to Cyber Interference with Tom Bossert - Bridging national security policy and operational cybersecurity #AISecurity #CyberGovernance About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• Zero Trust Without the Hype 05.03.2026 29min

  In this episode of Threat Vector, host David Moulton speaks with LeeAnne Pelzer, Senior Consulting Director, and Brandon Hogle, Consulting Director, both with Palo Alto Networks Unit 42. Together, they explore how organizations can move from Zero Trust theory to practice.Zero Trust is the foundation of modern cybersecurity, but turning principles into measurable outcomes remains a challenge for many enterprises. Pelzer and Hogle share how Unit 42’s Zero Trust Advisory helps organizations assess their cybersecurity maturity, identify visibility gaps, and create tailored roadmaps that connect security architecture with business outcomes.The conversation dives into the common pitfalls that derail Zero Trust, including visibility gaps, operational complexity, and misalignment, and explores how to overcome them with clarity, collaboration, and continuous verification. For security leaders driving transformation, this episode offers a pragmatic look at how to cut through complexity and make Zero Trust achievable. About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• Unit 42's Iran Threat Brief: What We're Seeing 04.03.2026 33min

  Unit 42 is tracking more than 60 active hacktivist groups and Iran-linked threat actors right now. What are they actually doing, what should you believe, and what should you do about it? In this episode of Threat Vector, David Moulton sits down with Justin Moore, Senior Manager of Threat Intelligence Research at Unit 42, and Andy Piazza, Senior Director of Threat Intelligence at Unit 42, to walk through the Unit 42 Iran Threat Brief and what the observed activity means for defenders. You'll learn: - What Unit 42 is actually observing from groups like Handala Hack, FAD Team, and Dark Storm, and what claims remain unverified - Why Iran's reduced internet connectivity changes the threat picture in ways that aren't obvious - What dispersed operators and proxy groups mean for organizations far outside the Middle East - Which defensive actions matter most against the TTPs and IOCs Unit 42 has documented - How to handle hacktivist claims that may be exaggerated or false Justin Moore brings nine years of intelligence officer experience plus senior threat intel roles at Mandiant, Google, and TikTok before joining Unit 42. Andy Piazza has more than 20 years in security operations and threat intelligence, including leading IBM X-Force's global threat intel team. Read the threat brief from Unit 42:  - Escalation of Cyber Risk Related to Iran (March 2026) - Escalation of Cyber Risk Related to Iran (June 2025) This episode is essential listening if you're: a CISO assessing current exposure, a threat analyst tracking Iran-linked groups, or a security leader who needs to explain the actual observed risk to your board. Related Episodes: - Inside the Mind of State-Sponsored Cyberattackers - Frenemies With Benefits - From Policy to Cyber Interference #Cybersecurity #ThreatIntelligence About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• The Billion Dollar Hiring Scam Funding North Korea 26.02.2026 38min

  North Korea has turned your hiring pipeline into a revenue machine. And most organizations have no idea. Evan Gordenker, Director of AI Security and DPRK Operations at Unit 42, has led more than 160 investigations into sophisticated threat actors, including the North Korean IT worker networks quietly embedded inside global companies. He joins David Moulton to unpack how this operation actually works, why common assumptions about remote work leave organizations exposed, and what security and HR teams can do to detect and disrupt it. You'll learn: - How DPRK operatives use deepfakes, fabricated identities, and real accomplice networks to pass interviews and land jobs at global companies - Why "we don't hire remote" is a dangerous assumption that no longer holds - What signals HR and SOC teams should look for, before and after someone is hired - How the threat has evolved from quiet wage theft to active extortion of former employers - What government collaboration and cross-border intelligence sharing can realistically accomplish Evan contributed to the UN Sanctions Monitoring Team report on North Korean operations and brings a rare combination of technical depth and geopolitical fluency to this problem. Having lived and worked across the US, EU, and Japan, he brings cultural context that matters when investigating a threat with global reach. His investigations have produced some of the most detailed profiles of DPRK operators in the security community. This episode is essential listening if you're: a security leader building out your insider threat program, an HR or talent acquisition leader who hasn't yet connected with your security team, or a threat intelligence analyst tracking how nation-state programs fund themselves. Related Episodes: - From Code to Compromise — Covers North Korean threat actors using fake job interviews to target developers via malicious IDE extensions. A strong companion to this episode's look at the broader IT worker scheme. -Inside the Mind of State-Sponsored Cyberattackers — A deeper look at how nation-state operations are structured and why they're so hard to disrupt. #NationStateThreat #InsiderRisk About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠
• Inside 750 Breaches with Unit 42 19.02.2026 42min

  Your security budget is funding the wrong defenses. Steve Elovitz leads Unit 42's North America consulting and incident response practice, where his team helps prevent, and ultimately answers the call when organizations face their worst day. After analyzing 750+ major breaches in a single year, he's seen exactly which security investments save companies and which ones fail when attackers strike. The data is uncomfortable: 90% of breaches succeed not because attackers are sophisticated, but because of misconfigurations or gaps in security coverage. You'll discover: - Why your detection window just shrunk to 1.2 hours (and what autonomous containment actually means when every minute counts) - The single identity control that separated organizations recovering in days from those shut down for weeks—with the same attacker, same techniques, different outcome - How to stop wasting money on tools that can't see the SaaS integrations and OAuth tokens attackers are already exploiting in your environment - Which gaps in your security posture are preventable right now, before they become next quarter's incident response bill - The defensive investment that delivers ROI in real breach scenarios, not just compliance checkboxes With 15+ years leading incident response teams at Mandiant, PriceWaterhouseCoopers, and Booz Allen Hamilton, Steve has helped security teams make critical decisions under pressure when ransomware is encrypting, data is walking out the door, and the board is demanding answers. He knows which controls actually stop sophisticated threat actors and which ones just look good in budget presentations. This episode is essential listening if you: - Need to defend your security roadmap with evidence from actual breach investigations, not vendor promises - Want to understand why identity keeps appearing in every postmortem and what to do about it before you're the case study - Are tired of "best practices" that don't map to how attackers actually succeed against real organizations Related Episodes: - Muddled Libra: From Spraying to Preying in 2025 - Learn which conditional access policies actually stopped the threat actor Unit 42 calls their toughest fight - Transform Your SOC and Get Ahead of the Threats - Discover how organizations build SOCs that partner effectively with IR teams instead of slowing down containment - Inside Jingle Thief: Cloud Fraud Unwrapped - Understand why your MFA deployment isn't protecting you from identity compromise the way you think it is #IncidentResponse If you think you may have been compromised or have an urgent matter, please contact Unit 42 Incident Response team or call North America Toll-Free: 866.486.4842 (866.4.UNIT42), EMEA: +31.20.299.3130, UK: +44.20.3743.3660, APAC: +65.6983.8730, or Japan: +81.50.1790.0200. About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.
• When Security Friction Becomes the Backdoor 12.02.2026 33min

  Security that slows people down is security that gets bypassed. Birat Niraula leads security for Google Enterprise Network, where he oversees protection across on-premise, network infrastructure, enterprise, and cloud environments. In this episode of Threat Vector, host David Moulton explores a critical truth that most security leaders miss: the difference between friction that protects and friction that creates risk. You'll learn: - Why bad security UX isn't just annoying—it's a vulnerability that creates backdoors - How to identify friction that protects (like MFA and jump hosts) versus friction that makes teams bypass controls - Why DevOps teams inject backdoors into production when security slows them down too much - How AI is becoming the new cloud rush—teams deploying models without understanding security risks - The Chrome browser principle: best security is seamless security that users don't have to think about - Why embedding security teams in design processes beats the "sledgehammer approach" of blanket policies - How to use AI agents as security sidekicks to scale beyond what your team can manually review Birat shares hard-won lessons from securing enterprises at massive scale—from building 24/7 SOCs to leading multi-cloud architecture at Goldman Sachs to now protecting Google's infrastructure. But this conversation isn't about his resume. It's about the fundamental tradeoffs security leaders face: velocity versus protection, automation versus human judgment, and when to embrace friction versus when friction becomes the enemy. This episode is essential listening if you're: leading enterprise security programs, struggling with teams that route around your controls, managing DevOps or cloud security, implementing security that doesn't block business velocity, or trying to understand where AI security is heading. Related Episodes: - Securing the Modern Workforce - Why Security Platformization Is the Future of Cyber Resilience - Shifting Security Left #Cloud #SecurityUX #DevSecOps
• Security Success Stories You Haven't Heard 05.02.2026 31min

  What separates organizations that truly excel at cybersecurity from those that just spend money on it? In this episode of Threat Vector, host David Moulton sits down with Isaias Telhado, Senior Cybersecurity Customer Success Engineer at Palo Alto Networks, to explore what cybersecurity success actually looks like. With over 25 years in IT and security leadership across Nestlé, Zscaler, and now Palo Alto Networks, Isaiah has seen firsthand what transforms organizations from vulnerable and reactive to confident and resilient. You'll learn: - Why the "castle and moat" security model creates massive blind spots that leave you vulnerable from the inside - The museum analogy that finally makes Zero Trust architecture click - How AI is shifting security teams from reactive firefighting to strategic threat forecasting - What "crypto agility" means and why quantum readiness matters today, not tomorrow - The cultural shifts that separate mature security programs from expensive tool collections Isaias shares a powerful case study of a major financial institution that transformed from a devastating data breach caused by misconfiguration to a proactive, cloud-native security posture. The outcome? Incidents dropped dramatically, and the security team's confidence soared—proving security can be a business driver, not a blocker. Beyond technology, Isaiah reveals why collaboration across IT, legal, operations, and business leadership is essential—and why the best security awareness programs are bidirectional, not just pushing policies onto users. With insights on breaking down silos, measuring what matters, and avoiding common pitfalls that slow security maturity even in well-funded organizations, this conversation delivers practical wisdom for security leaders at any stage of their journey. This episode is essential listening if you're: implementing Zero Trust architecture, managing cloud migration while maintaining security, breaking down organizational silos between security and business units, struggling to prove ROI on security investments, or preparing your organization for AI-powered threats and quantum computing risks. Related Episodes: - Why Security Platformization Is the Future of Cyber Resilience - Securing the Modern Workforce - Unlocking Cybersecurity ROI with Platformization #ZeroTrust #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.
• Is Your AI Well-Engineered Enough to Be Trusted? 29.01.2026 38min

  Can you trust your AI systems with your business, or are they just another attack surface waiting to be exploited? Aaron Isaksen leads AI Research and Engineering at Palo Alto Networks, where he advances state-of-the-art AI in cybersecurity. In this episode of Threat Vector, host ⁠David Moulton⁠ sits down with ⁠Dr. Aaron Isaksen⁠ to explore why engineering excellence must precede ethical AI debates, how adversarial AI is reshaping cybersecurity, and what it actually takes to build AI systems resilient enough to operate in hostile environments. You'll learn: Why well-engineered AI must be the prerequisite before discussing AI ethics How prompt injection attacks are becoming the "SQL injection of the AI era," and why they may never be fully solved What defending the Black Hat USA NOC with AI-powered security taught about real-world AI resilience How machine learning transforms attack surface management from manual inventory chaos to automated risk reduction Why game development experience creates better cybersecurity AI researchers (and what curiosity has to do with it) Before Palo Alto Networks, Aaron spent 15+ years building products across wildly different domains. From co-founding mobile gaming companies and funding independent game developers through Indie Fund, to leading ML engineering at ASAPP where his teams prototyped state-of-the-art neural networks for NLP. With a PhD from NYU (automated software design), a Master's from MIT (light field rendering), and a BS from UC Berkeley, Aaron brings a unique perspective: AI security isn't about philosophical debates. It's about rigorous engineering, continuous red teaming, and building systems that can withstand determined adversaries. This episode is essential listening if you're: deploying AI in production systems, building security programs around generative AI tools, leading attack surface management initiatives, trying to separate AI security theater from actual resilience, or wondering whether your AI agents can operate safely on the open web. #AI Related Episodes: Identity: The Kill Switch for AI Agents Securing AI in the Enterprise Inside AI Runtime Defense About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.