Threat Vector by Palo Alto Networks

Your security budget is funding the wrong defenses. Steve Elovitz leads Unit 42's North America consulting and incident response practice, where his team helps prevent, and ultimately answers the call when organizations face their worst day. After analyzing 750+ major breaches in a single year, he's seen exactly which security investments save companies and which ones fail when attackers strike. The data is uncomfortable: 90% of breaches succeed not because attackers are sophisticated, but because of misconfigurations or gaps in security coverage. You'll discover: - Why your detection window just shrunk to 1.2 hours (and what autonomous containment actually means when every minute counts) - The single identity control that separated organizations recovering in days from those shut down for weeks—with the same attacker, same techniques, different outcome - How to stop wasting money on tools that can't see the SaaS integrations and OAuth tokens attackers are already exploiting in your environment - Which gaps in your security posture are preventable right now, before they become next quarter's incident response bill - The defensive investment that delivers ROI in real breach scenarios, not just compliance checkboxes With 15+ years leading incident response teams at Mandiant, PriceWaterhouseCoopers, and Booz Allen Hamilton, Steve has helped security teams make critical decisions under pressure when ransomware is encrypting, data is walking out the door, and the board is demanding answers. He knows which controls actually stop sophisticated threat actors and which ones just look good in budget presentations. This episode is essential listening if you: - Need to defend your security roadmap with evidence from actual breach investigations, not vendor promises - Want to understand why identity keeps appearing in every postmortem and what to do about it before you're the case study - Are tired of "best practices" that don't map to how attackers actually succeed against real organizations Related Episodes: - Muddled Libra: From Spraying to Preying in 2025 - Learn which conditional access policies actually stopped the threat actor Unit 42 calls their toughest fight - Transform Your SOC and Get Ahead of the Threats - Discover how organizations build SOCs that partner effectively with IR teams instead of slowing down containment - Inside Jingle Thief: Cloud Fraud Unwrapped - Understand why your MFA deployment isn't protecting you from identity compromise the way you think it is #IncidentResponse If you think you may have been compromised or have an urgent matter, please contact Unit 42 Incident Response team or call North America Toll-Free: 866.486.4842 (866.4.UNIT42), EMEA: +31.20.299.3130, UK: +44.20.3743.3660, APAC: +65.6983.8730, or Japan: +81.50.1790.0200. About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

What separates organizations that truly excel at cybersecurity from those that just spend money on it? In this episode of Threat Vector, host David Moulton sits down with Isaias Telhado, Senior Cybersecurity Customer Success Engineer at Palo Alto Networks, to explore what cybersecurity success actually looks like. With over 25 years in IT and security leadership across Nestlé, Zscaler, and now Palo Alto Networks, Isaiah has seen firsthand what transforms organizations from vulnerable and reactive to confident and resilient. You'll learn: - Why the "castle and moat" security model creates massive blind spots that leave you vulnerable from the inside - The museum analogy that finally makes Zero Trust architecture click - How AI is shifting security teams from reactive firefighting to strategic threat forecasting - What "crypto agility" means and why quantum readiness matters today, not tomorrow - The cultural shifts that separate mature security programs from expensive tool collections Isaias shares a powerful case study of a major financial institution that transformed from a devastating data breach caused by misconfiguration to a proactive, cloud-native security posture. The outcome? Incidents dropped dramatically, and the security team's confidence soared—proving security can be a business driver, not a blocker. Beyond technology, Isaiah reveals why collaboration across IT, legal, operations, and business leadership is essential—and why the best security awareness programs are bidirectional, not just pushing policies onto users. With insights on breaking down silos, measuring what matters, and avoiding common pitfalls that slow security maturity even in well-funded organizations, this conversation delivers practical wisdom for security leaders at any stage of their journey. This episode is essential listening if you're: implementing Zero Trust architecture, managing cloud migration while maintaining security, breaking down organizational silos between security and business units, struggling to prove ROI on security investments, or preparing your organization for AI-powered threats and quantum computing risks. Related Episodes: - Why Security Platformization Is the Future of Cyber Resilience - Securing the Modern Workforce - Unlocking Cybersecurity ROI with Platformization #ZeroTrust #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

Can AI agents be trusted when 80% of today's breaches start with compromised identities? Carey Frey, Chief Security Officer at TELUS, joins Threat Vector host David Moulton to tackle the most overlooked security challenge in the AI revolution: identity. With 20+ years protecting everything from Canada's Communication Security Establishment to one of North America's largest telecommunications companies, Carey brings hard-won wisdom about why identity isn't just important—it's the foundation that determines whether agentic AI becomes a force multiplier or an attack surface disaster. You'll learn: Why 95% of organizations haven't thought about AI agent identity (and what happens when they deploy anyway) The single data layer CISOs need to build before AI agents can operate safely at scale How threat actors have already abandoned malware for something far simpler—and why AI makes it exponentially worse What "delegated authority" means for AI agents and why Gmail's EA permissions model points the way forward The maturity model that tells you if your identity foundation will crumble under agentic AI Carey leads security programs protecting TELUS's global assets while delivering managed cybersecurity services to 450+ customers across Canada. As a member of the Security Innovation Network (SINet), he co-authored practitioner guidance defining what "AI-native identity fabric" actually means—and why solving identity before deploying agents isn't optional. His insights bridge 20 years of government intelligence work with real-world enterprise security at telecommunications scale. Read Carey's work on identity and AI: The AI Revolution: Identity Will Unleash Its Full Power SINet Identity Working Group Strategic Guide This episode is essential listening if you're: evaluating AI agent platforms, struggling with fragmented IAM systems across cloud and on-prem, implementing Zero Trust for non-human identities, or trying to understand why identity suddenly became the CISO's #1 priority after being the "third rail" for decades. Related Episodes: Transform Your SOC And Get Ahead Of The Threats Securing AI in the Enterprise How to Scale Responsible AI in the Enterprise Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

AI security is no longer optional, it’s urgent. In this episode of Threat Vector, David Moulton sits down with Ian Swanson, former CEO of Protect AI and now the AI Security Leader at Palo Alto Networks. Ian shares how securing the AI supply chain has become the next frontier in cybersecurity and why every enterprise building or integrating AI needs to treat it like any other software pipeline—rife with dependencies, blind spots, and adversaries ready to exploit them. They also explore "vibe coding" the practice of developers relying on instinct and intuition rather than rigorous review when coding with or around LLMs. It's a fun name for a very real risk. Whether you're a CISO, a developer, or anyone helping shape AI in your organization, this conversation is your guide to locking down AI before it locks you out. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

While our team is out on winter break, please enjoy this encore episode of Threat Vector . Join⁠ David Moulton⁠, Senior Director of Thought Leadership for Unit 42, as he sits down with⁠ Kyle Wilhoit⁠,Technical Director of Threat Research at Unit 42, for an intimate conversation about the evolution of hacker culture and cybersecurity. From picking up ⁠2600: The Hacker Quarterly⁠ magazines at Barnes & Noble and building beige boxes to leading threat research at Palo Alto Networks, Kyle shares his personal journey into the security community. This conversation explores how AI and automation are lowering barriers for attackers, the professionalization of cybersecurity, and what's been lost and gained in the industry's maturation. Kyle offers practical advice for newcomers who don't fit the traditional mold, emphasizing the importance of curiosity, soft skills, and intellectual humility. Kyle Wilhoit is a seasoned cybersecurity researcher, with more than 15 years of experience studying cybercrime and nation-state threats. He's a frequent speaker at global conferences like Black Hat, FIRST, and SecTor, and has authored two industry-respected books: ⁠Hacking Exposed Industrial Control Systems⁠ and ⁠Operationalizing Threat Intelligence⁠. As a long-standing member of the Black Hat US Review Board and an adjunct instructor, Kyle is deeply involved in shaping both cutting-edge research and the next generation of cybersecurity professionals.⁠ ⁠ ⁠Connect with Kyle on LinkedIn⁠ Previous appearances on Threat Vector: Inside DeepSeek’s Security Flaws (Mar 31, 2025) ⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-inside-deepseeks-security-flaws⁠ War Room Best Practices (Nov 07, 2024)⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-war-room-best-practices⁠ Cybersecurity in the AI Era: Insights from Unit 42's Kyle Wilhoit, Director of Threat Research (Jan 11, 2024)⁠https://www.paloaltonetworks.com/resources/podcasts/threat-vector-cybersecurity-in-the-ai-era-insights-from-unit-42s-kyle-wilhoit-director-of-threat-research⁠ Learn more about Unit 42's threat research at ⁠https://unit42.paloaltonetworks.com/⁠. Related episodes: For more conversations about AI's impact on cybersecurity, career development in security, and insights from Unit 42 researchers, explore past episodes at⁠ https://www.paloaltonetworks.com/podcasts/threat-vector⁠. Join the conversation on our social media channels: Website:⁠ http://www.paloaltonetworks.com/⁠ Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠ Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠ LinkedIn:⁠ ⁠⁠⁠⁠⁠https://www.linkedin.com/company/palo-alto-networks/ YouTube:⁠ ⁠⁠⁠⁠⁠@paloaltonetworks Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠ About Threat Vector Threat Vector, Palo Alto Networks podcast, is your premier destination for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. ⁠⁠http://paloaltonetworks.com⁠

In this episode of Threat Vector, host Michael Heller, Managing Editor for Cortex and Unit 42 and Executive Producer of the podcast, sits down with long-time security leaders Greg Conti and Tom Cross to unpack the hacker mindset and the idea of “dark capabilities” inside modern technology companies. Greg, Principal at Kopidion Cybersecurity and a former Army Cyber Institute founder, and Tom, Head of Threat Research at GetReal and Senior Associate at Kopidion, explain why the real risk is not just what a product is supposed to do, but everything it is technically capable of doing in the hands of insiders, governments, or determined adversaries. Drawing on their DEF CON trainings in adversarial thinking and recent talks on effects based operations for tech companies, they explore how security leaders can systematically map their organization’s hidden capabilities, stress test them with an “if we decided to be evil” lens, and then build the technical and institutional guardrails that keep both people and platforms aligned with ethical and strategic goals. This conversation is especially important for decision makers tasked with securing the workforce in an era of AI, pervasive sensors, and increasingly blurred lines between defense and offense. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠

We dive into a nostalgic yet revealing journey through classic hacker films, from WarGames to The Net and beyond, to assess what they got right, what they wildly imagined, and what those stories say about culture, fears, and cyber reality today. David Moulton, Senior Director of Thought Leadership for Unit 42 talks with Ben Hasskamp, Global Content Leader at Palo Alto Networks, who has been writing deeply on this intersection of media, tech, and risk. Together, we’ll examine how cinematic depictions of hacking have shaped public perception, influenced policy, and sometimes eerily foreshadowed modern cyber threats. Expect a blend of film critique, security insight, and cultural reflection. Join the conversation on our social media channels: Website:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠ Threat Research:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Facebook:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ YouTube:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@paloaltonetworks⁠⁠⁠⁠⁠ Twitter:⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠⁠⁠⁠⁠⁠ About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠