Threat Vector by Palo Alto Networks

AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard. You'll learn: How attackers are using AI to move faster, scale wider, and go deeper than ever before Why the moment you deploy AI, your security posture fundamentally changes What curiosity-driven leadership looks like when the threat landscape won't sit still How to close the gap between the security team's understanding of AI and the rest of the organization What Assaf learned from 25+ years on the frontlines that still applies in the AI era #CyberSecurity #AIRisk Related Episodes: The Good, the Bad, the Ugly of AI Inside AI Runtime Defense Securing AI in the Enterprise About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

The FBI sees every breach. You see yours. Adam Maddock, Section Chief of the FBI's Cyber Technical Analytics and Operations Section, and Jarrod Schlenker, Assistant Section Chief leading the FBI Cyber Division's private-sector engagement, join David Moulton to walk through Operation Winter SHIELD, the FBI's public campaign built on what investigators see repeated across hundreds and thousands of cases. Ten defenses. All of them rooted in real intrusions. Most of them still missing from too many organizations. You'll learn: Why SMS-based MFA is no longer enough, and what phishing-resistant authentication actually looks like in practice How end-of-life SOHO routers and IoT devices become obfuscation infrastructure for attacks against targets that never knew they were involved Why calling the FBI early in an incident changes what's possible, and what you lose if you wait What the FBI means when it says industry is a "critical ally," not a passive recipient of intelligence Why you don't need to have your act together before you call your local FBI field office, and why trying to might actually hurt the investigation This episode is essential listening if you're: a CISO or security leader wondering what law enforcement actually needs from you, an executive who doesn't yet have a relationship with your local FBI field office, or a practitioner trying to understand which defensive investments move the needle most. Resources: Operation Winter SHIELD at fbi.gov Operation Winter SHIELD One-Pager Related Episodes: Lessons from the Underground with Keith Mularski, former FBI special agent and Chief Global Ambassador at Qintel Inside the Mind of State-Sponsored Cyberattackers with Lior Rochberger, Unit 42 Risk, Resilience, and Real Talk with Sam Ainscow #Cybersecurity #CriticalInfrastructure About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

What does it take to go from staring at forensic images to sitting across from a CEO whose company is on fire? Steve Elovitz has spent his entire career in the room when things go wrong. He started in forensics and eDiscovery at PwC, moved to Booz Allen doing government work, then spent a decade at Mandiant before joining Unit 42 to lead North America consulting and incident response. The throughline across all of it: empathy. In this conversation, Steve reflects on what two decades of incident response actually teaches you about the people on the other side of a breach. The executives fighting for their jobs. The CISOs trying to communicate while everything's on fire. The analysts who need someone to have their backs. You'll hear how Steve's understanding of the job evolved as he moved from technical analyst to executive advisor, what the shift from forensic imaging to real-time response felt like from inside it, why identity keeps showing up in nearly every postmortem, and what briefing a board looks like when you get 15 minutes instead of the hour you planned for. Steve has advised Fortune 500 boards and C-suites through some of the most damaging breaches of the past two decades. His biggest lesson turned out to be the one no certification teaches. This episode is essential listening if you're a security professional trying to grow from analyst to advisor, or a leader building a team that can sustain this kind of work over a career. Related Episodes: Speaking Security in Board Language  Cybersecurity Metrics and Reporting to the Board  Transform Your SOC and Get Ahead of the Threats #IncidentResponse #Cybersecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

Most people think nation-state cyberattacks are unpredictable. Allie Mellen wrote the book that proves they’re not. Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield and a leading industry analyst and former hacker. She advises Global 2000 organizations on detecting and responding to nation-state attacks. Her research career began as a hacker with work featured at Black Hat USA. She has partnered with multiple government agencies on election security and regularly briefs the Wall Street Journal, NPR, and the Washington Post. Allie joined Threat Vector previously to break down the XDR landscape and what’s next for security operations. This time, the conversation goes somewhere different. In this conversation with David Moulton, Allie breaks down the strategic logic behind attacks most defenders treat as random events. You’ll learn: Why nation-state attacks follow predictable strategic patterns, not chaos How military doctrine and national history shape a country’s hacking behavior What makes Stuxnet, WannaCry, NotPetya and the Sony Pictures hack so instructive How to tell the difference between espionage, disruption and destruction campaigns What defenders and executives can actually do with this knowledge Allie has spent years studying threat actors from China, Russia, Iran, North Korea, Israel and the United States. Her analytical framework connects the dots between geopolitical objectives and the technical tradecraft security teams see on the wire every day. This episode is essential listening if you’re a CISO translating threat intelligence into board-level strategy, a threat analyst trying to understand adversary intent, or a security leader who wants to think about the geopolitical forces shaping your threat landscape. Related Episodes: Inside the Mind of State-Sponsored Cyberattackers Confronting China’s Expanding Cyber Threats Lessons from the Underground A Hacker's Insights on Your Privacy Decoding XDR: Allie Mellen on What's Next Mentioned in the Show: Anthropic — "Disrupting the first reported AI-orchestrated cyber espionage campaign" https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf Published November 2025. Anthropic's Threat Intelligence team report on threat actor GTG-1002, a Chinese state-sponsored group that used Claude Code to execute 80-90% of a cyber espionage campaign autonomously — reconnaissance, exploitation, lateral movement, credential harvesting, and exfiltration — across roughly 30 global targets. Allie Mellen — Code War: How Nations Hack, Spy, and Shape the Digital Battlefield Read Allie's book, Code War, now: https://bit.ly/m/codewar #NationStateCyber #ThreatIntelligence About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

What happens when your security analyst isn't a person? Elad Koren, Vice President of Product Management for Cortex Cloud at Palo Alto Networks, returns to Threat Vector to pull back the curtain on what an agentic-first security experience actually looks like in practice. This isn't a vision deck. The agents are already running. When Elad joined the show for Why Proactive Security Can't Wait, he made the case that reactive security can no longer keep up with adversaries who move from initial compromise to data theft in under five hours. This episode picks up where that conversation ended, with host David Moulton and Elad discussing the tools built to close that gap. You'll learn: What "agentic-first analyst experience" means and why it changes the SOC fundamentally How Cortex is deploying autonomous agents across the platform and what they actually do What XDL 2.0 is and why defenders need to understand it now How product leaders are making security faster without making it reckless Elad brings over two decades of experience in security, spanning RSA, PerimeterX, Salt Security, and now leading product for Cortex Cloud at Palo Alto Networks. He holds a CISSP and a patent in autonomous risk monitoring. This episode is essential listening if you're: a security leader evaluating agentic AI tools, a product-minded practitioner curious how AI is reshaping cloud defense, or a CISO trying to figure out what's hype and what's already in production. #AI #Cloud #autonomous Related Episodes: Why Proactive Security Can't Wait Securing the Future of AI Agents Transform Your SOC and Get Ahead of the Threats #AIAgents #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠