
In this episode of the Endace Packet Forensic Files, Michael chats with with Cody Spooner, Principal Sales Engineer and DFIR expert at Corelight, about an interesting topic: the subtleties and differences of “Enablers" vs "Behaviors” of a cybersecurity compromise. Cody explains that when most people think of threat hunting or incident response investigations, they picture analysts looking for signs of malicious activity. In reality there are critical subtle differences between the “behavior o...
May 28
18 min

In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Andrew Cook, CTO of Recon InfoSec and host of the Thursday Defensive Podcast about Incident Investigation and Response, and Threat Hunting . Andrew has a wealth of experience in high-pressure cyberdefense environments and shares some of the key lessons he's learned along the way, as well as passing some great advice. This episode is a must-listen for cybersecurity professionals who want to learn more abou...
Mar 3
37 min

In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Steve Fink, CTO and CISO of Secure Yeti and architect of the SOCs for Black Hat, RSA Conference, and Cisco Live, for an in-depth look at building effective Security Operations Centers (SOCs). With 26 years of cybersecurity experience, Fink shares strategies for leveraging packet data, integrating AI for automation, fostering vendor collaboration, and ensuring scalability and resilience. This expert-...
Nov 7, 2025
25 min

Why NDR is Evolving—And What Enterprises Should Demand From It In this episode of the @Endace Packet Forensic Files, Michael Morris is joined by Jack Chan, VP of Product and Field CTO at Fortinet, to unpack what makes a truly effective Network Detection and Response (NDR) solution. Jack shares his perspective on why visibility, historical context, and deep threat hunting capabilities matter more than flashy features. They explore how AI and machine learning are transforming NDR—helping ...
Oct 1, 2025
25 min

What does it take to run a world-class Security Operations Center (SOC) in today’s high-stakes, high-speed cybersecurity landscape? In this episode of the @Endace, Packet Forensic Files, Michael Morris chats with Jessica (Bair) Oppenheimer, Cisco's Director of Security Operations, for an in-depth look at next-generation Security Operations Centers (SOCs). Jessica shares her expertise from securing high-stakes events like the Paris 2024 Olympics, NFL Super Bowl, Black Hat, and RSAC Conf...
Aug 12, 2025
27 min

In this episode of the @Endace Packet Forensics Files, I talk to Jean-Paul Bergeaux, Federal CTO at GuidePoint Security. We unravel the complex world of federal cybersecurity and discuss the critical importance of certifications, the game-changing M-21-31 directives, and how packet capture data is revolutionizing threat detection. We also uncover the potential risks and opportunities presented by generative AI in the cybersecurity landscape. From SolarWinds lessons to the emerging...
Jun 11, 2025
22 min

How Generative AI and Machine Learning are Revolutionizing Cybersecurity In this episode of the Endace Packet Forensic Files, Michael Morris explores how advanced technologies like AI and machine learning are transforming security operations with James Spiteri. With extensive experience in cybersecurity and security operations, including leading SOC teams and developing innovative solutions for AI and machine learning, James offers unparalleled insights. He delves into the growing sophistica...
Feb 26, 2025
31 min

Unlock the Power of Network Packet Data in Cybersecurity In this episode of the Endace Packet Forensics Files, Michael Morris dives into the critical role of network packet data in cybersecurity with Matt Bromiley, a seasoned threat-hunting expert. Matt shares why robust detection systems and proactive threat hunting are essential, and how network data serves as the “glue” that ties together evidence in cybersecurity investigations. The challenges of managing large data volumes, the growing ...
Nov 7, 2024
38 min

Ransomware has shifted from simple, isolated attacks to coordinated, human-operated campaigns that target entire organizations. In this episode of the Endace Packet Forensics Files, Michael Morris talks with Ryan Chapman, SANS Instructor and expert in Digital Forensic and Incident Response (DFIR) about these evolving threats. Ryan explains how attackers are becoming more methodical and sophisticated, focusing on disabling EDR/XDR solutions to evade detection and leaving organiza...
Aug 26, 2024
28 min

In this episode, I chat with Taran Singh, VP of Product Management at Keysight Technologies, about network observability. Taran explains its importance within the zero-trust architecture and discusses the challenges organizations face in achieving clear network visibility. He highlights the role of historical data analysis in cybersecurity and outlines Keysight's approach to network visibility. Don’t miss this insightful discussion on network observability and its signifi...
May 16, 2024
17 min
Load more
