TLP - The Digital Forensics Podcast
Episodes
Episode 24: Voice AI Under Attack: Hackers Exploit AI Call Agents | Traffic Light Protocol Podcast
16 Sep 2025
Contributed by Lukas
Voice AI is moving fast — but so are the attackers. In this episode of the Traffic Light Protocol Podcast, Clint and Myles break down how ...
Episode 23: AI Voice Agent Security: Voice AI Under Siege: SIP Spoofing, Cost Drain, and How to Fight Back
05 Sep 2025
Contributed by Lukas
In this episode of Traffic Light Protocol, we kick off our AI series with a hard look at how voice AI agents are being targeted; and how fa...
Episode 22: AI Chat Forensics: How to Find, Investigate, and Analyse Evidence from ChatGPT, Claude & Gemini
22 Jun 2025
Contributed by Lukas
Unlock the secrets behind digital forensic investigations into AI chat platforms like ChatGPT, Claude, and Google's Gemini in this ins...
Episode 21: How IRCO is Changing DFIR: The AI Copilot for Real-Time Cyber Investigations
10 Jun 2025
Contributed by Lukas
Link to IRCO - Incident Response Copilot on ChatGPT: https://chatgpt.com/g/g-68033ce1b26481919b26df0737241bac-irco-incident-response-co-pil...
Episode 20: What Makes an Elite Incident Response Team: Mindset, Mastery, and Real-World DFIR Lessons
04 Jun 2025
Contributed by Lukas
Drawing inspiration from observing military special forces and over five years of hands-on DFIR experience, Clint explores the mindset, hab...
Episode 19: AI Data Poisoning: How Bad Actors Corrupt Machine Learning Systems for Under $60
26 May 2025
Contributed by Lukas
Clint Marsden breaks down a critical cybersecurity report from intelligence agencies including the CSA, NSA, and FBI about the growing thre...
Audiobook - Mastering Sysmon. Deploying, Configuring, and Tuning in 10 easy steps
28 Feb 2025
Contributed by Lukas
This episode features the complete narration of my ebook: Mastering Sysmon – Deploying, Configuring, and Tuning in 10 Easy Steps, providi...
Episode 17 - Building a CTF
27 Feb 2025
Contributed by Lukas
So You Want to Build Your Own DFIR CTF? Ever wanted to build your own Digital Forensics and Incident Response (DFIR) Capture the Flag (CTF...
Episode 16 - Mastering the Basics: Key Strategies for Cyber Investigations
27 Feb 2025
Contributed by Lukas
Kicking off 2025, we're getting back to basics with something every cyber investigator needs to master—starting an investigation the...
Episode 15 - Windows event log analysis with Hayabusa. The Sigma-based log analysis tool
15 Oct 2024
Contributed by Lukas
Key Takeaways: Introduction to Hayabusa: Hayabusa is an open-source Windows Event Log Analysis Tool used for processing EVTX logs to detect ...
Episode 14 - AI and the future of log analysis, bug detection, forensics and AI ethical considerations with Jonathan Thompson
22 Sep 2024
Contributed by Lukas
In this episode of Traffic Light Protocol, Clint Marsden is joined by Jonathan Thompson, a developer and AI enthusiast currently studying a...
Episode 13 - ELK EDR and Sandboxing, Home grown CTF environments, DFIR Automation & Forensics in the cloud, with Jacob Wilson
20 Aug 2024
Contributed by Lukas
Episode 13 is another giant episode with a focus on what it's like to be in the mud working on real life forensic investigations. Jacob and Cli...
Episode 12 - You're forced to decide: Cyber Generalist or Cyber Specialist?
13 Aug 2024
Contributed by Lukas
Quotes: “In the fast-paced world of DFIR, you are a mission critical system. Your job isn’t just to uncover what happened during an inci...
Episode 11 - Velociraptor, Containerisation and Infrastructure Deployed as Code with Myles Agnew
29 Jul 2024
Contributed by Lukas
In this episode of Traffic Light Protocol, we sit down with Myles, a cybersecurity veteran with over 15 years of Cyber experience and backg...
Episode 10 - Detecting and Preventing Phishing Attacks
17 Jul 2024
Contributed by Lukas
Quotes: "Phishing targets the human element, the 'wetware,' often the weakest link in any security chain." - Clint Marsd...
Episode 9 - Unmasking APT40 (Leviathan): Tactics, Challenges, and Defense Strategies
12 Jul 2024
Contributed by Lukas
Episode Title: "Unmasking APT40: Tactics, Challenges, and Defense Strategies" Key Takeaways: APT40 is a sophisticated Chinese state...
Episode 8 - Hidden digital forensic logging for Cybersecurity on Any Budget: Practical Strategies for Enhanced Detection and Prevention Using Sysmon, Blocking Data Exfil with group policy and printer forensics
07 Jul 2024
Contributed by Lukas
In this episode, Clint Marsden goes straight into 4 practical strategies that enable better forensics and stop data exfiltration, no matter...
Episode 7 - Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures
25 Jun 2024
Contributed by Lukas
In today's episode of TLP - Traffic Light Protocol, Clint Marsden talks about Defending Against Scattered Spider: Understanding Their Tactic...
Episode 6 - Responding to ransomware - is your VPN a target? Plus ransomware risk mitigation with Phil Ngo
20 Jun 2024
Contributed by Lukas
In this episode, we speak with Phil Ngo, a Primary Investigator in Accenture's global cyber response team. As a primary investigato...
Episode 5 - NIST SP 800-61 Computer Security Incident Handling Guide (Post-Incident Activity)
12 Jun 2024
Contributed by Lukas
This is the biggest episode from a content perspective so far. I'm excited to share it with you. Episode Highlights: How to run post-inc...
Episode 4 - NIST SP 800-61 Computer Security Incident Handling Guide (Containment, Eradication and Recovery)
07 Jun 2024
Contributed by Lukas
Show Notes: Episode on Containment, Eradication, and Recovery. In this episode of Traffic Light Protocol, Clint Marsden explores the cont...
Episode 3 - (Part 2) NIST SP 800-61 Computer Security Incident Handling Guide (Detection)
31 May 2024
Contributed by Lukas
In this conclusion of the Detection phase, Clint wraps up Incident Prioritisation. This includes Functional impacts of the incident, inform...
Episode 3 - NIST SP 800-61 Computer Security Incident Handling Guide (Detection)
28 May 2024
Contributed by Lukas
In this 45-minute episode Clint covers a lot of ground based on the Detection phase of NIST 800-61. Attack vectors for digital security inci...
Episode 2 - NIST SP 800-61 Computer Security Incident Handling Guide (Preparation)
17 May 2024
Contributed by Lukas
In this episode Clint Marsden talks about the first phase of Computer Security Incident Handling according to NIST. Listen to real world ex...
Episode 1 - Digital forensics trends and preparations, learning from real life case studies & DFIR training for getting started
16 May 2024
Contributed by Lukas
In this first episode we kick off with Clint Marsden, the host of Traffic Light Protocol (TLP) where he talks about what it's like to work i...