Don't Leave Them to Their Own Devices

7 snips

Oct 30, 2025

Asher Davila, Principal Security Researcher at Palo Alto Networks, dives deep into the alarming findings from the 2025 Device Security Enterprise Threat Report. Over 21% of connected devices have known vulnerabilities, with 32.5% unmanaged, creating serious security blind spots. He discusses common oversight with personal devices and the challenges posed by credential-based attacks. Asher emphasizes the importance of effective asset lifecycle governance and why zero trust approaches are hindered by management gaps. Proactive defenses are crucial for breaking the attack chain.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

Device Diversity Creates Visibility Gaps

Large organizations average ~80 device types, creating complex inventory and visibility challenges.
Diversity of OSes, versions, and BYOD multiplies blind spots for administrators.

ADVICE

Focus On Common Blind-Spot Devices

Watch for smartphones, tablets, IP cameras, DVRs and VMs as common visibility blind spots.
Harden access, disable unused services, and apply segmentation or firewalls for these devices.

INSIGHT

Why Many AD Devices Lack EDR

About 39% of IT devices in Active Directory lack EDR/XDR coverage due to OS incompatibility, budget limits, and forgotten test servers.
These gaps create persistent blind spots that attackers can exploit.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode of Threat Vector, host David Moulton speaks with Asher Davila, Principal Security Researcher at Palo Alto Networks, about the newly released 2025 Device Security Enterprise Threat Report. This data-rich report reveals that over 21% of connected enterprise devices have known vulnerabilities, and nearly 40% of devices registered in Active Directory lack proper EDR/XDR coverage. Even more concerning, 32.5% of all network-connected assets are unmanaged, creating a massive blind spot for defenders. Asher breaks down why understanding both managed and unmanaged device exposure is essential to securing modern environments. From weak segmentation to credential-based threats and lifecycle risks, this conversation delivers critical insights for security leaders seeking to gain control of their expanding device landscape.

Read the 2025 Device Security Threat Report.

Join the conversation on our social media channels:

Website:⁠ ⁠⁠⁠⁠https://www.paloaltonetworks.com/⁠
Threat Research:⁠ ⁠⁠⁠⁠https://unit42.paloaltonetworks.com/⁠⁠⁠⁠⁠
Facebook:⁠ ⁠⁠⁠⁠https://www.facebook.com/LifeatPaloAltoNetworks/⁠⁠⁠⁠⁠
LinkedIn:⁠ ⁠⁠⁠⁠https://www.linkedin.com/company/unit42/⁠⁠⁠⁠⁠
YouTube:⁠ ⁠@paloaltonetworks
Twitter:⁠ ⁠⁠⁠⁠⁠⁠https://twitter.com/PaloAltoNtwks⁠⁠⁠⁠

About Threat Vector

Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends.

The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers.

Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization.

Palo Alto Networks

Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠ ⁠http://paloaltonetworks.com.