Threat Vector by Palo Alto Networks

Ingrid Parker, Director of Intel Response at Unit 42, has a background that doesn't fit the mold: art student, Army linguist, systems administrator deployed to Afghanistan, co-author of 11 Strategies of a World-Class Cybersecurity Operations Center. In this conversation, she and David dig into what it actually feels like to do threat intelligence at the highest levels — how you build the kind of thinking that lets you get inside an adversary's head, what you look for when you're hiring for that skill, and what the job quietly costs the people who do it well.

Related Episodes:


The Art of Threat Hunting — Ryan Chapman on how threat hunters develop instincts and expertise


Transform Your SOC and Get Ahead of the Threats — Clay Brothers on SOC transformation and what makes teams resilient


Designing Human-Centered Security Operations — Liz Pinder and Patrick Bayle on analyst burnout, focus, and what the SOC owes its people

#ThreatIntelligence #CyberDefense

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

AI is the most powerful tool defenders have ever had. It's also the most dangerous weapon attackers have ever had. Assaf Keren, CSO at Qualtrics and author of Lessons from the Frontlines, has seen AI reshape both sides of the threat equation. In this conversation, he gets specific about what happens when powerful tools fall into the wrong hands, and what leaders need to do before they get caught off-guard.

You'll learn:


How attackers are using AI to move faster, scale wider, and go deeper than ever before


Why the moment you deploy AI, your security posture fundamentally changes


What curiosity-driven leadership looks like when the threat landscape won't sit still


How to close the gap between the security team's understanding of AI and the rest of the organization


What Assaf learned from 25+ years on the frontlines that still applies in the AI era

#CyberSecurity #AIRisk

Related Episodes:


The Good, the Bad, the Ugly of AI


Inside AI Runtime Defense


Securing AI in the Enterprise

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

The FBI sees every breach. You see yours.

Adam Maddock, Section Chief of the FBI's Cyber Technical Analytics and Operations Section, and Jarrod Schlenker, Assistant Section Chief leading the FBI Cyber Division's private-sector engagement, join David Moulton to walk through Operation Winter SHIELD, the FBI's public campaign built on what investigators see repeated across hundreds and thousands of cases. Ten defenses. All of them rooted in real intrusions. Most of them still missing from too many organizations.

You'll learn:

Why SMS-based MFA is no longer enough, and what phishing-resistant authentication actually looks like in practice

How end-of-life SOHO routers and IoT devices become obfuscation infrastructure for attacks against targets that never knew they were involved

Why calling the FBI early in an incident changes what's possible, and what you lose if you wait

What the FBI means when it says industry is a "critical ally," not a passive recipient of intelligence

Why you don't need to have your act together before you call your local FBI field office, and why trying to might actually hurt the investigation

This episode is essential listening if you're: a CISO or security leader wondering what law enforcement actually needs from you, an executive who doesn't yet have a relationship with your local FBI field office, or a practitioner trying to understand which defensive investments move the needle most.

Resources:


Operation Winter SHIELD at fbi.gov

Operation Winter SHIELD One-Pager

Related Episodes:


Lessons from the Underground with Keith Mularski, former FBI special agent and Chief Global Ambassador at Qintel


Inside the Mind of State-Sponsored Cyberattackers with Lior Rochberger, Unit 42

Risk, Resilience, and Real Talk with Sam Ainscow

#Cybersecurity #CriticalInfrastructure

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

What does it take to go from staring at forensic images to sitting across from a CEO whose company is on fire?

Steve Elovitz has spent his entire career in the room when things go wrong. He started in forensics and eDiscovery at PwC, moved to Booz Allen doing government work, then spent a decade at Mandiant before joining Unit 42 to lead North America consulting and incident response. The throughline across all of it: empathy.

In this conversation, Steve reflects on what two decades of incident response actually teaches you about the people on the other side of a breach. The executives fighting for their jobs. The CISOs trying to communicate while everything's on fire. The analysts who need someone to have their backs.

You'll hear how Steve's understanding of the job evolved as he moved from technical analyst to executive advisor, what the shift from forensic imaging to real-time response felt like from inside it, why identity keeps showing up in nearly every postmortem, and what briefing a board looks like when you get 15 minutes instead of the hour you planned for.

Steve has advised Fortune 500 boards and C-suites through some of the most damaging breaches of the past two decades. His biggest lesson turned out to be the one no certification teaches.

This episode is essential listening if you're a security professional trying to grow from analyst to advisor, or a leader building a team that can sustain this kind of work over a career.

Related Episodes:

Speaking Security in Board Language 

Cybersecurity Metrics and Reporting to the Board 

Transform Your SOC and Get Ahead of the Threats

#IncidentResponse #Cybersecurity

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠

Most people think nation-state cyberattacks are unpredictable. Allie Mellen wrote the book that proves they’re not.

Allie Mellen is the author of Code War: How Nations Hack, Spy, and Shape the Digital Battlefield and a leading industry analyst and former hacker. She advises Global 2000 organizations on detecting and responding to nation-state attacks. Her research career began as a hacker with work featured at Black Hat USA. She has partnered with multiple government agencies on election security and regularly briefs the Wall Street Journal, NPR, and the Washington Post.

Allie joined Threat Vector previously to break down the XDR landscape and what’s next for security operations. This time, the conversation goes somewhere different.

In this conversation with David Moulton, Allie breaks down the strategic logic behind attacks most defenders treat as random events.

You’ll learn:


Why nation-state attacks follow predictable strategic patterns, not chaos


How military doctrine and national history shape a country’s hacking behavior


What makes Stuxnet, WannaCry, NotPetya and the Sony Pictures hack so instructive


How to tell the difference between espionage, disruption and destruction campaigns


What defenders and executives can actually do with this knowledge

Allie has spent years studying threat actors from China, Russia, Iran, North Korea, Israel and the United States. Her analytical framework connects the dots between geopolitical objectives and the technical tradecraft security teams see on the wire every day.

This episode is essential listening if you’re a CISO translating threat intelligence into board-level strategy, a threat analyst trying to understand adversary intent, or a security leader who wants to think about the geopolitical forces shaping your threat landscape.

Related Episodes:


Inside the Mind of State-Sponsored Cyberattackers


Confronting China’s Expanding Cyber Threats


Lessons from the Underground


A Hacker's Insights on Your Privacy


Decoding XDR: Allie Mellen on What's Next

Mentioned in the Show:

Anthropic — "Disrupting the first reported AI-orchestrated cyber espionage campaign" https://assets.anthropic.com/m/ec212e6566a0d47/original/Disrupting-the-first-reported-AI-orchestrated-cyber-espionage-campaign.pdf Published November 2025. Anthropic's Threat Intelligence team report on threat actor GTG-1002, a Chinese state-sponsored group that used Claude Code to execute 80-90% of a cyber espionage campaign autonomously — reconnaissance, exploitation, lateral movement, credential harvesting, and exfiltration — across roughly 30 global targets.

Allie Mellen — Code War: How Nations Hack, Spy, and Shape the Digital Battlefield Read Allie's book, Code War, now: https://bit.ly/m/codewar

#NationStateCyber #ThreatIntelligence

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.⁠⁠