Nation-state actors aren’t trying to beat your EDR anymore. They’re just avoiding it.
Steve Elovitz from Unit 42 explains how advanced attackers are living on network devices, switches, and firewalls where endpoint detection doesn’t exist. They’re operating at the network layer on bare metal and hypervisors, staying completely invisible to traditional security tools.
This is one of the stealth tactics from the 2026 Unit 42 Global Incident Response Report, based on 750+ breach investigations.
If your security strategy assumes attackers will trigger your endpoint tools, you’re missing an entire class of threats that never touch endpoints at all.
From the full episode: Inside 750 Breaches with Unit 42
Listen to the full conversation: https://www.paloaltonetworks.com/podcasts/threat-vector
Read the 2026 Unit 42 Global Incident Response Report: https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report
#Cybersecurity #NationState #ThreatIntel
