Emerging Threats in 2026: Inside Proofpoint’s Detection Playbook
Thu Jan 29 2026
Hello to all our Cyber Pals! Host Selena Larson and co-host, Tim Kromphardt, chat with Rich Gonzalez, Director of Emerging Threats at Proofpoint, to kick off 2026 with a behind-the-scenes look at how emerging threats are detected, tracked, and turned into real-world protections for defenders.
They explore what it really takes to keep pace with an always-on threat landscape, from rapid response to newly released proof-of-concepts, to why certain vulnerabilities like Log4j continue to dominate attacker activity years later. The conversation also digs into alert fatigue, the realities of SOC burnout, and where automation and AI can genuinely help versus where trust, accuracy, and human judgment still matter most.
In this episode, they cover:
- How Proofpoint’s Emerging Threats team monitors global attacker behavior and delivers fast, high-confidence detections
- What happens behind the scenes when a proof-of-concept drops (especially during holidays)
- Why some CVEs remain “evergreen” targets and never truly go away
- The balance between speed and accuracy in rule writing without overwhelming SOC teams
- Where AI and machine learning are being used today to reduce tedious work and improve triage
- The risks of over-automation, hallucinations, and untrusted intelligence in security workflows
- What’s coming in 2026, including more frequent rule releases and more detection coverage
This episode offers a candid, practitioner-driven view of modern threat detection—highlighting why adaptability, transparency, and human expertise remain essential as defenders head into 2026.