Threat Vector by Palo Alto Networks

Sailesh Mishra, AI security practitioner and founder with experience at Uber's Advanced Technologies Group and AI startups. He explores autonomous agents that act, not just answer. He warns about agents with persistent memory, logic-bomb style attacks, and indirect prompt injection in the wild. He stresses scoping agent identity and monitoring every tool call to catch time-shifted, stateful threats.

Jeremy D. Brown, Consulting Director at Unit 42 with extensive ransomware negotiation and incident response experience. He recounts how initial contact yields forensic clues and which attacker playbooks are most common. He explains timing, who should be at the table, why politeness helps, and which groups are too risky or sanctioned to engage.

Erica L. Shoemate, former FBI and U.S. intelligence leader turned AI and policy strategist, explores how AI compresses decision timelines and reshapes security. She discusses governance built alongside innovation. Short, sharp takes cover human-centered design to avoid cognitive overload, the strategic role of trust, and why policy should be guardrails rather than brakes.

Brandon Hogle, Consulting Director experienced in Zero Trust architecture across commercial, federal, and defense; LeeAnne Pelzer, Senior Consulting Director who operationalizes Zero Trust for business outcomes. They discuss why Zero Trust often stalls, visibility and asset inventory gaps, outcome-driven quick wins, dynamic access by user and device context, breaking silos for shared outcomes, and pragmatic steps to sustain Zero Trust over time.

Andy Piazza, Senior Director of Threat Intelligence with 20+ years in ops, and Justin Moore, Senior Manager with intelligence and rapid‑response experience, walk through Unit 42’s Iran threat brief. They discuss active hacktivist groups and which claims are unverified. They explain how Iran’s outages shift activity worldwide. They highlight dispersed operators, TTPs to watch, and immediate defensive priorities.

Evan Gordenker, Director-level investigator of DPRK operations and AI security, reveals how North Korea embeds fabricated identities and accomplice networks into legitimate hiring pipelines. He discusses deepfakes, interview stand-ins, and AI-assisted deception. He also covers how roles are chosen, facilitator infrastructures, detection gaps in HR and security, and the shift from wage theft to extortion.

Steve Elovitz, incident response leader for Unit 42 with 15+ years at Mandiant, PwC, and Booz Allen, breaks down what 750+ breaches reveal. He discusses shrinking detection windows and autonomous containment. Identity as the top attack surface and overprivileged SaaS integrations get focus. High-ROI defensive priorities like segmentation, identity hardening, and visibility are highlighted.

Birat Niraula, a security leader who protects enterprise, network, on-prem, and cloud systems. He digs into how poor security UX creates backdoors. He contrasts protective friction like MFA with harmful friction that drives workarounds. He warns of AI repeating cloud security mistakes and urges embedding seamless security in design to keep velocity without adding risk.

What separates organizations that truly excel at cybersecurity from those that just spend money on it? In this episode of Threat Vector, host David Moulton sits down with Isaias Telhado, Senior Cybersecurity Customer Success Engineer at Palo Alto Networks, to explore what cybersecurity success actually looks like. With over 25 years in IT and security leadership across Nestlé, Zscaler, and now Palo Alto Networks, Isaiah has seen firsthand what transforms organizations from vulnerable and reactive to confident and resilient. You'll learn: - Why the "castle and moat" security model creates massive blind spots that leave you vulnerable from the inside - The museum analogy that finally makes Zero Trust architecture click - How AI is shifting security teams from reactive firefighting to strategic threat forecasting - What "crypto agility" means and why quantum readiness matters today, not tomorrow - The cultural shifts that separate mature security programs from expensive tool collections Isaias shares a powerful case study of a major financial institution that transformed from a devastating data breach caused by misconfiguration to a proactive, cloud-native security posture. The outcome? Incidents dropped dramatically, and the security team's confidence soared—proving security can be a business driver, not a blocker. Beyond technology, Isaiah reveals why collaboration across IT, legal, operations, and business leadership is essential—and why the best security awareness programs are bidirectional, not just pushing policies onto users. With insights on breaking down silos, measuring what matters, and avoiding common pitfalls that slow security maturity even in well-funded organizations, this conversation delivers practical wisdom for security leaders at any stage of their journey. This episode is essential listening if you're: implementing Zero Trust architecture, managing cloud migration while maintaining security, breaking down organizational silos between security and business units, struggling to prove ROI on security investments, or preparing your organization for AI-powered threats and quantum computing risks. Related Episodes: - Why Security Platformization Is the Future of Cyber Resilience - Securing the Modern Workforce - Unlocking Cybersecurity ROI with Platformization #ZeroTrust #CloudSecurity About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.

Can you trust your AI systems with your business, or are they just another attack surface waiting to be exploited? Aaron Isaksen leads AI Research and Engineering at Palo Alto Networks, where he advances state-of-the-art AI in cybersecurity. In this episode of Threat Vector, host ⁠David Moulton⁠ sits down with ⁠Dr. Aaron Isaksen⁠ to explore why engineering excellence must precede ethical AI debates, how adversarial AI is reshaping cybersecurity, and what it actually takes to build AI systems resilient enough to operate in hostile environments. You'll learn: Why well-engineered AI must be the prerequisite before discussing AI ethics How prompt injection attacks are becoming the "SQL injection of the AI era," and why they may never be fully solved What defending the Black Hat USA NOC with AI-powered security taught about real-world AI resilience How machine learning transforms attack surface management from manual inventory chaos to automated risk reduction Why game development experience creates better cybersecurity AI researchers (and what curiosity has to do with it) Before Palo Alto Networks, Aaron spent 15+ years building products across wildly different domains. From co-founding mobile gaming companies and funding independent game developers through Indie Fund, to leading ML engineering at ASAPP where his teams prototyped state-of-the-art neural networks for NLP. With a PhD from NYU (automated software design), a Master's from MIT (light field rendering), and a BS from UC Berkeley, Aaron brings a unique perspective: AI security isn't about philosophical debates. It's about rigorous engineering, continuous red teaming, and building systems that can withstand determined adversaries. This episode is essential listening if you're: deploying AI in production systems, building security programs around generative AI tools, leading attack surface management initiatives, trying to separate AI security theater from actual resilience, or wondering whether your AI agents can operate safely on the open web. #AI Related Episodes: Identity: The Kill Switch for AI Agents Securing AI in the Enterprise Inside AI Runtime Defense About Threat Vector Threat Vector by Palo Alto Networks is your premier podcast for security thought leadership. Join us as we explore pressing cybersecurity threats, robust protection strategies, and the latest industry trends. The podcast features in-depth discussions with industry leaders, Palo Alto Networks experts, and customers, providing crucial insights for security decision-makers. Whether you're looking to stay ahead of the curve with innovative solutions or understand the evolving cybersecurity landscape, Threat Vector equips you with the knowledge needed to safeguard your organization. Palo Alto Networks Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile.⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠http://paloaltonetworks.com.