Podcasts about patch management

Mythos found a 23-year-old vulnerability in FreeBSD that no human team had caught. Your 30-day patch cycle assumes years before it gets weaponized. Today that window is one day. Next year it will be one hour.Lieuwe Jan Koning, Co-founder & CTO at ON2IT, sits down with Rob Maas, Field CTO at ON2IT, to break down what Anthropic's Mythos actually found, why the public release (Fable) still frustrates security professionals, and whether the FABLE framework gives defenders a realistic path forward.Rob's verdict: there is truth in what Anthropic claims. It is not as catastrophic as the marketing suggests. But if your fundamentals are not in place, the time to fix that is now.00:00:00 Introduction00:00:46 What is Mythos? From Project Glasswing to Fable00:03:13 What Mythos actually found: FreeBSD, Palo Alto, real patches00:05:57 The zero-day clock: from years to one hour00:09:00 The FABLE framework and the CSA "Mythos Ready" paper00:15:24 Authentication, segmentation, and egress filtering00:20:51 Myth or reality: Rob's verdictSubscribe to Threat Talks and turn on notifications for deep dives into the world's most active cyber threats and hands-on exploitation techniques.

CISA's BOD 26-04 replaces severity-based patching with an exploit-evidence model and remediation clocks as short as three days, fleet-wide, no exceptions. Peter Pflaster and Jason Kikta unpack the four urgency signals, the 16-row decision tree, and the shift from "justify the patch" to "justify why you can't." They also cover what it means for contractors, cyber insurance, and the future of Patch Tuesday. If you own patching or vulnerability management, start here.

In episode one of our 2026 CDW Canadian Cybersecurity Study series, Ivo Wiens and Ben Boi‑Doku explore how cybersecurity has become a board‑level priority and why increased funding now comes with higher expectations. As budgets grow, leaders are demanding measurable proof of risk reduction, not just security activity. This episode breaks down practical ways to quantify cyber risk, from KRIs and vulnerability management to financial risk frameworks, helping security teams connect technical efforts to real business outcomes. To learn more, visit cdw.ca Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of Autonomous IT, Live!, we break down the widening gap between exploitation speed and remediation reality. Disclosed vulnerabilities keep climbing, exploitation windows keep shrinking, and IT and security teams are expected to absorb more risk without more resources. The traditional playbook — manual patching, fragmented workflows, scheduled cycles — was built for a slower world that no longer exists.What you'll learn:Why threat actors consistently outpace defender response timesWhere manual patching and fragmented processes break down, even for mature teamsHow rising vulnerability volume and shrinking exploitation timelines are reshaping riskWhy working harder isn't the answer — and what actually needs to changeWho should listen: IT and security leaders responsible for vulnerability management, infrastructure teams running distributed or SaaS-heavy environments, and anyone focused on shrinking exposure windows and accelerating response.The gap between attacker speed and defender capability isn't closing on its own. This conversation is about what it takes to close it.This live show originally aired April 22, 2026. 

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

What if your IT team could troubleshoot and remediate endpoint issues without ever leaving their service desk? In this episode, Steph Rizzuto and Katherine Chipdey break down the new Automox + Zendesk integration. They cover what it does, why it matters, and how it's designed to cut meantime to remediation for IT teams. The integration surfaces real-time endpoint data directly inside Zendesk tickets. It also gives admins one-click actions like device restarts, patch deployment, and policy execution. Beyond reactive fixes, it flags automation gaps so fewer tickets get created in the first place. Plus, hear how the Splashtop remote desktop integration ties it all together when hands-on troubleshooting is needed. Whether you're running a lean IT team or managing thousands of endpoints, this one's worth a listen.

A single data breach now costs a business an average of $1.4 million, according to the annual IBM report. For a small or medium-sized business (SMB), this hit is often terminal—most companies that suffer a major breach struggle to stay in business longer than six months.In this episode, Matt "Heff" Heffelfinger, Director of SOC Operations at SecurityMetrics, joins us to discuss why many business owners are operating under a false sense of security. We dive into the "Insurance Trap," where carriers deny claims because basic security activities weren't performed, and outline the four critical areas where every small IT team should focus their limited resources.We're moving past the technical jargon of Security Operations Centers (SOC) to give you a practical, budget-friendly roadmap for cyber hygiene that actually protects your bottom line.Key Takeaways:The Insurance Reality Check: Why having a policy isn't enough if you aren't doing the "basics".The 4 Pillars of SMB Focus: Matt breaks down the essential tasks for a team of one: Access Control, Network Scanning, Patch Management, and Basic Cyber Hygiene.Automating Your Defense: How to make one IT person feel like an entire "battalion" using inexpensive automation tools.The 10% Rule: Why allocating 10% of your IT budget to cybersecurity is the tipping point for graduating from "check-the-box" compliance to real security.Anatomy of a SOC: What happens when threat hunters find an "Event of Interest," such as unauthorized traffic heading to Russia at 3:00 AM.The AI Threat: How bad guys are upscaling and automating their attacks, making SMBs easier targets than ever before.About Our Guest:Matt Hessel is a Utah-based cybersecurity professional and the Director of SOC Operations at SecurityMetrics. With a career spanning over 20 years—starting at the helpdesk at TJ Maxx and Marshalls during their historic 2006 breach—Matt brings a unique "boots on the ground" perspective to protecting small businesses.Resources Mentioned:SecurityMetrics SOC Services: https://www.securitymetrics.com/pulseIBM Cost of a Data Breach Report 2025: https://www.ibm.com/think/insights/data-matters/cost-of-a-data-breachSecurityMetrics Certifications:PCI QSA | ASV | PFI | HITRUST | Forensic InvestigatorA note from Jen: We built Practical Cybersecurity because we were tired of the fear-mongering in this industry. Security shouldn't be a secret club.If you're trying to figure out PCI compliance or need a pen test, my team at SecurityMetrics can help you out: https://www.securitymetrics.com/contact/lets-get-you-to-the-right-place But if you just want to learn how to protect yourself for free, start here:  https://academy.securitymetrics.com/ 

In this episode of Automox Insiders, host Maddie Regis chats with Adam Whitman, Manager of Solutions Engineering at Automox, about all things IT spring cleaning. From patch management and software audits to business continuity planning and endpoint hygiene, Adam shares practical, real-world tips for tidying up your tech stack and staying ahead of IT clutter. Along the way, he reflects on his career journey from marketing to IT leadership and reveals some personal spring cleaning confessions. Tune in for expert advice and a fresh perspective to help you refresh your IT environment this season.This podcast originally aired April 24, 2025

Show Notes For ten years, Ed Skoudis has curated one of the most anticipated sessions at RSAC Conference: SANS' "Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders." The session has always been a hit -- standing room only on the main stage -- but this year, Ed says something has changed. Not one or two topics with an AI component. All five. Ed is deliberate about how the session comes together. He starts with people, not topics. He builds the panel around SANS instructors who bring front-line insight, and he starts the process six months out. This year's panel features returning panelist Heather Mahalik, Rob Teeley back for his second year, Joshua Wright in his second year -- this time carrying two topics and eight minutes instead of six -- and, making his first appearance on this stage, Robert M. Lee of Dragos, one of the world's foremost voices on ICS and OT security. The addition of "Crucial Tips for Defenders" to the title this year was intentional. Ed pushed every panelist to move beyond naming threats and toward prescribing action -- practical, implementable steps that a CISO can hand down and a practitioner can execute the next morning. For topics where prevention is impossible, the mandate shifted to detection and response. SANS publishes session notes to their website within minutes of the talk ending. The backdrop this year is a warning Ed calls unlike anything in his 30 years of attending RSA and DEF CON. At a recent AI cybersecurity conference in San Francisco, presenters from Google and Anthropic outlined what Google termed the "vuln apocalypse" -- an imminent surge in AI-discovered zero-day vulnerabilities at a scale and pace that patching pipelines are not designed to handle. Ed's own team at Counter Hack has already experienced this firsthand: a frontier AI model identified a critical zero-day in a widely used open source project in a matter of hours. The Anthropic presenter's claim was blunt: within months, AI will surpass all human vulnerability researchers combined. All of this lands at the center of what the RSAC session is designed to address -- not as a theoretical exercise, but as a set of actions defenders can take right now. The session runs Tuesday, March 24th at 3:55 PM on the main stage, with an interactive follow-on session Wednesday morning where attendees can go deeper with individual panelists. For anyone who wants to understand where the threat landscape is actually heading and what to do about it, Ed says this is the year you cannot afford to miss it. Guest Ed Skoudis, President, SANS Technology Institute; Founder & CEO, Counter Hack | On LinkedIn: https://www.linkedin.com/in/edskoudis Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Resources SANS Institute | https://www.sans.org RSA Conference 2026 is taking place April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords ed skoudis, sean martin, sans institute, sans technology institute, counter hack, rsac 2026, rsa conference, five most dangerous attack techniques, ai in cybersecurity, vulnerability research, zero-day vulnerabilities, patch management, penetration testing, defender tips, ics security, ai-powered attacks, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Podcast: OT Security Made SimpleEpisode: The Hard Reality of Patch Management in OT Networks | OT Security Made SimplePub date: 2026-03-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin Klaus Mochalski and Westermo's CISO Niklas Mörth to explore why OT patch management differs from IT. Discover the challenges of safety, the importance of system baselines, and alternative mitigations like zero trust to keep your critical infrastructure secure.You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at podcast@rhebo.com. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Show Notes For ten years, Ed Skoudis has curated one of the most anticipated sessions at RSA Conference: SANS' "Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders." The session has always been a hit -- standing room only on the main stage -- but this year, Ed says something has changed. Not one or two topics with an AI component. All five. Ed is deliberate about how the session comes together. He starts with people, not topics. He builds the panel around SANS instructors who bring front-line insight, and he starts the process six months out. This year's panel features returning panelist Heather Mahalik, Rob Teeley back for his second year, Joshua Wright in his second year -- this time carrying two topics and eight minutes instead of six -- and, making his first appearance on this stage, Robert M. Lee of Dragos, one of the world's foremost voices on ICS and OT security. The addition of "Crucial Tips for Defenders" to the title this year was intentional. Ed pushed every panelist to move beyond naming threats and toward prescribing action -- practical, implementable steps that a CISO can hand down and a practitioner can execute the next morning. For topics where prevention is impossible, the mandate shifted to detection and response. SANS publishes session notes to their website within minutes of the talk ending. The backdrop this year is a warning Ed calls unlike anything in his 30 years of attending RSA and DEF CON. At a recent AI cybersecurity conference in San Francisco, presenters from Google and Anthropic outlined what Google termed the "vuln apocalypse" -- an imminent surge in AI-discovered zero-day vulnerabilities at a scale and pace that patching pipelines are not designed to handle. Ed's own team at Counter Hack has already experienced this firsthand: a frontier AI model identified a critical zero-day in a widely used open source project in a matter of hours. The Anthropic presenter's claim was blunt: within months, AI will surpass all human vulnerability researchers combined. All of this lands at the center of what the RSAC session is designed to address -- not as a theoretical exercise, but as a set of actions defenders can take right now. The session runs Tuesday, March 24th at 3:55 PM on the main stage, with an interactive follow-on session Wednesday morning where attendees can go deeper with individual panelists. For anyone who wants to understand where the threat landscape is actually heading and what to do about it, Ed says this is the year you cannot afford to miss it. Guest Ed Skoudis, President, SANS Technology Institute; Founder & CEO, Counter Hack | On LinkedIn: https://www.linkedin.com/in/edskoudis Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Resources SANS Institute | https://www.sans.org RSA Conference 2026 is taking place April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords ed skoudis, sean martin, sans institute, sans technology institute, counter hack, rsac 2026, rsa conference, five most dangerous attack techniques, ai in cybersecurity, vulnerability research, zero-day vulnerabilities, patch management, penetration testing, defender tips, ics security, ai-powered attacks, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A routine support ticket reveals a deeper truth about patch management. Your patching tool says "done," but your vulnerability scanner disagrees – so who's right? In this episode, Automox SVP of Customer Experience Charles Coaxum walks through a real customer case. Dozens of machines showed as patched in the dashboard but were flagged as vulnerable by the scanner. The culprit wasn't a bug or misconfiguration. It was the often-overlooked gap between patch execution and patch completion. Learn why pending reboots create silent compliance gaps. Discover how to identify endpoints stuck in limbo. And see how automation turns hours of manual investigation into a minutes-long fix.

Join Klaus Mochalski and Westermo's CISO Niklas Mörth to explore why OT patch management differs from IT. Discover the challenges of safety, the importance of system baselines, and alternative mitigations like zero trust to keep your critical infrastructure secure.You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at podcast@rhebo.com.

The all-knowing IT pro is a myth. In this episode, Automox Senior Solutions Consultant Jeremy Maldonado breaks down why curiosity and asking for help are the real foundations of a successful IT career. He shares how he went from feeling nervous about asking questions to becoming a trusted resource for IT teams across industries, including hospitals, local governments, and school districts.Jeremy also pulls back the curtain on what he does day to day on the Automox Professional Services team: reviewing IT admins' environments, evaluating patching schedules, and working collaboratively to fine-tune configurations. Rather than coming in as the all-knowing expert, he explains why the best results come from treating every engagement as a shared experience, where both sides learn from each other.Whether you're early in your IT career or a seasoned admin, this episode is a reminder that growth starts with a question.Topics covered:- Why the all-knowing IT pro doesn't exist- How curiosity drives career growth in IT- What an Automox environment review looks like- Tailoring patching best practices to different industries- Finding room for improvement even when things work

NIST is falling behind on vulnerability scoring — and the gap is growing. In this episode, Peter and Steph break down what that means for IT and security teams relying on CVE data to prioritize patching, and how Automox is solving it.We cover:Why NIST's National Vulnerability Database has a growing backlog and what's causing itHow incomplete vulnerability data creates blind spots in your patch management programAutomox's new partnership with VulnCheck to deliver real-time vulnerability intelligenceWhat KEV (Known Exploitable Vulnerabilities) data is and why your leadership team cares about itExpanding from fewer than 10 third-party apps to 70% coverage across 500+ supported applicationsThe rollout plan from third-party apps to macOS, Windows, and LinuxWhether you're running a mature vulnerability management program or just getting started, this episode lays out how the vulnerability data landscape is shifting and what you can do to stay ahead of real-world threats.

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not.What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear.How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue.That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly.To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTTod Beardsley, Vice President of Security Research at runZeroOn LinkedIn: https://www.linkedin.com/in/todb/RESOURCESLearn more about runZero: https://www.runzero.comKEVology research report: https://www.runzero.com/resources/kevology/KEV Collider: https://www.runzero.com/kev-collider/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSTod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of Automate IT, Jeremy Maldonado dives into the world of data-driven endpoint management, breaking down what it means to go “beyond the spreadsheets.” He explores how visibility, intelligent reporting, asset intelligence, and risk scoring can transform how IT teams manage and secure their environments.Drawing from his own journey into the IT space, Jeremy unpacks practical strategies for improving compliance, prioritizing threats, and empowering IT teams to play offense, not just defense. Whether you're an IT pro or just endpoint-curious, this episode will give you fresh perspective on managing smarter, not harder.This episode originally aired May 1, 2025.

Rob Hughes — CISO at RSA and Champion of a Passwordless FutureNo Password Required Season 7:  Episode 1 - Rob HughesRob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.  The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/Chapters: 00:00 Introduction to No Password Required01:43 Meet Rob Hughes, CISO at RSA02:05 The Role of a CISO in a Security Company05:09 Transitioning to the CISO Role08:00 The Early Days of Geek.com12:14 Launching a Startup During the Dot Com Boom14:30 The Push for a Passwordless Future18:21 Tipping Point for Passwordless Adoption20:20 Ongoing Learning in Cybersecurity26:09 Managing Stress in High-Pressure Environments33:46 The Lifestyle Polygraph Begins34:15 Career Insights in Cybersecurity36:08 Dream Cars and Personal Preferences39:58 Underrated Horror Films41:19 Creating a Cybersecurity Monster

Automox announces its new partnership with Splashtop, bringing secure remote control directly into the Automox console. Host Peter Pflaster is joined by Italo Nava from Splashtop and Automox Product Manager Steph Rizzuto on launch day to break down the integration and what it means for IT teams.They discuss why remote access is still essential even when automation handles most of the work, the cost of switching between tools during urgent issues, and how Splashtop's 20 years of experience drives reliability and security. Steph also shares early access results, including average connection times under 10 seconds and a 95% success rate.

Happy New Year! In this episode, Automox cybersecurity experts Ryan Braunstein and Seth Hoyt break down the security vulnerabilities you need to know heading into 2026.First up: a ticking time bomb. Microsoft's 2011 Secure Boot certificates expire in June and October 2026, making this your top patching priority for the year. If your BIOS and OS aren't both updated, you're leaving the door wide open for rootkit attacks. Start auditing your hardware now. You have six months.Next up: a Windows Installer Elevation of Privilege Vulnerability that exploits a time-of-check to time-of-use (TOCTOU) race condition. Think of it like swapping wristbands after the bouncer checks you at the door.Finally, an actively exploited flaw in Desktop Window Manager that can leak sensitive information and even break out of sandboxes.Patch your systems. Patch your BIOS. See you next month.

 What if the biggest time-saving wins don't come from major projects—but from eliminating the small, repetitive tasks eating up your week?In this episode, Automox Solutions Consultant Jeremy Maldonado shares his New Year's resolution: reduce burnout by automating the manual work that drains IT teams. From device enrollment and patching policies to tracking down failures without babysitting your machines, Jeremy walks through practical ways to reclaim your time and mental energy.You'll learn:  - How to automate device setup the moment it comes online  - Best practice policy templates you can use out of the gate  - Scheduling patches around Patch Tuesday without touching your policies  - Using policy results reports and analytics to troubleshoot smarter  - Why "babysitting" patch day is a sign something needs to changeWhether you're new to Automox or looking to refine your workflow, this episode is a reminder: your time matters, and automation should give it back to you.

In this episode of Hands-On IT, host Landon Miles breaks down what MCP (Model Context Protocol) servers are, why they exist, and how they're transforming real-world IT automation.Before MCP, AI assistants struggled to interact with the tools, systems, and data IT teams rely on. With the rise of open-source MCP servers, models now have a standardized, permission-aware way to reach into infrastructure, pull context, and execute workflows safely.Landon also sits down with Henry Smith, who helped build the Automox MCP server prototype. Together, they explore:What MCP servers actually do and the problems they solveWhy the open-source model matters for IT teamsHow MCP provides a clean, consistent interface for tools and dataReal-world applications like report generation, patch policy creation, and audit log analysisHow Automox built its own MCP server using Fast MCPThe future of AI-driven IT operationsIf you're an IT admin, security engineer, or automation enthusiast, this episode provides a clear explanation and a practical look at MCP servers in action.Links: Automox MCP Blog: https://www.automox.com/blog/automox-mcpAutomox MCP Git Repo: https://github.com/AutomoxCommunity/automox-mcp

Dive into the creative world behind OTTOBOX: Patch or Perish, Automox's first-ever video game. In this episode of Automox Insiders, host Maddie Regis chats with Senior Brand Manager Jonah Phillips about transforming patch management into an interactive gaming experience. From retro music production to villain design inspired by real IT challenges, discover how Automox blends creativity, technology, and cybersecurity culture into one epic adventure.

In this episode of the Autonomous IT, host Landon Miles dives deep into the world of vulnerabilities, exploits, and the psychology behind cyberattacks. From the story of Log4j and its massive global impact to the difference between hackers and attackers, this episode explores how and why breaches happen—and what can be done to stop them.Joining Landon is Jason Kikta, Chief Technology Officer and Chief Information Security Officer at Automox, Marine Corps veteran, and former leader at U.S. Cyber Command. Together, they break down attacker motivations, how to recognize threat patterns, and why understanding your own network better than your adversaries is the key to effective defense.Key Takeaways:The five stages of a vulnerability: introduction, discovery, disclosure, exploitation, and patching.Why Log4j became one of the most devastating vulnerabilities in modern history.How to identify attacker types and motivations.The mindset and methodology of effective defense.Why “good IT starts with good security.”Whether you're a cybersecurity professional, IT leader, or just curious about how cyberattacks really work, this episode offers practical insights from the front lines of digital defense.

In this episode of Product Talk, host Peter Pflaster sits down with Automox Staff Security Engineer Henry Smith to discuss what it really means to be secure by default. Together, they explore how Automox builds security into the foundation of its products, from engineering practices to company culture.You'll learn how Automox's “no security tax” philosophy gives every customer access to enterprise-grade protection — without hidden costs or trade-offs. Henry also shares his journey from IT support to cybersecurity engineering, offering practical advice for anyone looking to grow a career in IT or security.Tune in to hear how Automox approaches product security, fosters trust between engineering and security teams, and collaborates with industry peers to keep customers safe.

Jeremy Maldonado breaks down cybersecurity fundamentals from a real-world IT operations perspective. From phishing and social engineering to patching best practices and zero trust, Jeremy shares practical insights to help you protect your organization — starting with your own behavior.He covers:Why the human factor is still your biggest vulnerabilityThe basics of zero trust in everyday communicationSocial engineering red flags to watch forHow to think strategically about patch prioritizationWhy most orgs still struggle with timely patchingTips for human-controlled automation using the Automox consoleWhether you're new to cybersecurity or want to tighten your patching strategy, this episode gives you a tactical refresh on where to focus your attention.

What is a CVE – and why does it matter to your patching process? Landon Miles breaks down CVEs, CVSS scores, and CNAs – covering how they work together, what to prioritize, and how to respond. Learn how to assess risk, spot active exploits, and streamline remediation with clear, actionable steps.

In this episode, Automox CISO Jason Kikta strips away the noise and focuses on the three core pillars of secure IT operations: asset inventory, patch management, and identity and access management (IAM).Jason shares firsthand stories from U.S. Cyber Command and explains why getting the basics right isn't optional — it's essential. Whether you're building a modern security program or tightening existing controls, this episode delivers clear guidance on where to focus and why.

In this episode of Product Talk, host Peter Pflaster sits down with JoLynn Dixon, Senior Director of Product Management at Automox, to discuss the future of autonomous endpoint management (AEM) and how Automox is shaping the path forward.JoLynn shares her background in product leadership, the vision behind AEM, and why prioritizing customer feedback is central to Automox's roadmap. You'll also hear how Automox is:Delivering automation that reduces mean time to patch to just 17 daysImproving the end-user experience with recent agent and tray updatesExpanding OS coverage with day zero macOS supportBuilding an ecosystem that integrates seamlessly with IT's existing toolsIf you're an IT professional looking to cut risk, save time, and modernize endpoint management, this episode gives you a front-row seat to how Automox is leading the charge.

In this episode, Jason Kikta discusses the critical relationship between IT and security, emphasizing that great security begins with a solid IT foundation. He explores the importance of establishing a baseline for normalcy, the role of user safety in preventing security breaches, and the need to understand insider threats. Jason concludes with discussing the 'big three' of cybersecurity, which are: Network Inventory: Knowing what's on your network is crucial. This involves having a comprehensive inventory of all devices and systems connected to the network.Configuration and Patching: Keeping systems configured correctly and up-to-date with patches is essential to prevent vulnerabilities that could be exploited by malicious actors.Identity and Authentication Protection: Ensuring robust identity and authentication measures are in place to protect against unauthorized access and maintain the integrity of user accounts.This episode originally aired October 10, 2024

⬥GUEST⬥Andy Ellis, Legendary CISO [https://howtociso.com] | On LinkedIn: https://www.linkedin.com/in/csoandy/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥In this episode of Redefining CyberSecurity, host Sean Martin speaks with Andy Ellis, former CSO at Akamai and current independent advisor, about the shifting expectations of security leadership in today's SaaS-powered, AI-enabled business environment.Andy highlights that many organizations—especially mid-sized startups—struggle not because they lack resources, but because they don't know how to contextualize what security means to their business goals. Often, security professionals aren't equipped to communicate with executives or boards in a way that builds shared understanding. That's where advisors like Andy step in: not to provide a playbook, but to help translate and align.One of the core ideas discussed is the reframing of security as an enabler rather than a gatekeeper. With businesses built almost entirely on SaaS platforms and outsourced operations, IT and security should no longer be siloed. Andy encourages security teams to “own the stack”—not just protect it—by integrating IT management, vendor oversight, and security into a single discipline.The conversation also explores how AI and automation empower employees at every level to “vibe code” their own solutions, shifting innovation away from centralized control. This democratization of tech raises new opportunities—and risks—that security teams must support, not resist. Success comes from guiding, not gatekeeping.Andy shares practical ways CISOs can build influence, including a deceptively simple yet powerful technique: ask every stakeholder what security practice they hate the most and what critical practice is missing. These questions uncover quick wins that earn political capital—critical fuel for driving long-term transformation.From his “First 91 Days” guide for CISOs to his book 1% Leadership, Andy offers not just theory but actionable frameworks for influencing culture, improving retention, and measuring success in ways that matter.Whether you're a CISO, a founder, or an aspiring security leader, this episode will challenge how you think about the role security plays in business—and what it means to lead from the middle.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/csoandy_how-to-ciso-the-first-91-days-ugcPost-7330619155353632768-BXQT/Book: “How to CISO: The First 91-Day Guide” by Andy Ellis — https://howtociso.com/library/first-91-days-guide/Book: “1% Leadership: Master the Small Daily Habits that Build Exceptional Teams” — https://www.amazon.com/1-Leadership-Daily-Habits-Exceptional/dp/B0BSV7T2KZ⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

In this episode, the hosts of Command Control Power discuss a range of IT management topics including the challenges of scheduling in summer, handling client updates with Electrona's Patch and Addigy's prebuilt apps, and the intricacies of using Microsoft Outlook. They explore the benefits and drawbacks of these different tools, including how to streamline updates and ensure clients' systems are running smoothly. The conversation also dives into hands-on experiences and technical steps for deploying effective IT solutions, backed by insights from their experiences and interactions with support teams. Additionally, new features like mobile application management in Intune are highlighted for their potential to enhance device security without full MDM enrollment. The episode wraps up with a discussion on the usefulness of different menu bar apps and support methods.   00:00 Introduction and Catching Up 00:11 Client Visits and Scheduling Challenges 01:42 SonicWall Upgrade Troubles 07:27 Beta Software Experiences 09:12 Patch and Software Updates 24:14 Understanding Prebuilt Apps and Configuration Profiles 24:59 Consolidating Management Platforms 25:46 Exploring New Products and Trials 26:31 Patch Management and Menu Bar Customization 29:33 Client Interaction and Support Strategies 38:33 Intune and Mobile Application Management 40:51 Outlook vs. Apple Mail 49:41 Wrapping Up and Patreon Support

⬥GUEST⬥Andy Ellis, Legendary CISO [https://howtociso.com] | On LinkedIn: https://www.linkedin.com/in/csoandy/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥In this episode of Redefining CyberSecurity, host Sean Martin speaks with Andy Ellis, former CSO at Akamai and current independent advisor, about the shifting expectations of security leadership in today's SaaS-powered, AI-enabled business environment.Andy highlights that many organizations—especially mid-sized startups—struggle not because they lack resources, but because they don't know how to contextualize what security means to their business goals. Often, security professionals aren't equipped to communicate with executives or boards in a way that builds shared understanding. That's where advisors like Andy step in: not to provide a playbook, but to help translate and align.One of the core ideas discussed is the reframing of security as an enabler rather than a gatekeeper. With businesses built almost entirely on SaaS platforms and outsourced operations, IT and security should no longer be siloed. Andy encourages security teams to “own the stack”—not just protect it—by integrating IT management, vendor oversight, and security into a single discipline.The conversation also explores how AI and automation empower employees at every level to “vibe code” their own solutions, shifting innovation away from centralized control. This democratization of tech raises new opportunities—and risks—that security teams must support, not resist. Success comes from guiding, not gatekeeping.Andy shares practical ways CISOs can build influence, including a deceptively simple yet powerful technique: ask every stakeholder what security practice they hate the most and what critical practice is missing. These questions uncover quick wins that earn political capital—critical fuel for driving long-term transformation.From his “First 91 Days” guide for CISOs to his book 1% Leadership, Andy offers not just theory but actionable frameworks for influencing culture, improving retention, and measuring success in ways that matter.Whether you're a CISO, a founder, or an aspiring security leader, this episode will challenge how you think about the role security plays in business—and what it means to lead from the middle.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/csoandy_how-to-ciso-the-first-91-days-ugcPost-7330619155353632768-BXQT/Book: “How to CISO: The First 91-Day Guide” by Andy Ellis — https://howtociso.com/library/first-91-days-guide/Book: “1% Leadership: Master the Small Daily Habits that Build Exceptional Teams” — https://www.amazon.com/1-Leadership-Daily-Habits-Exceptional/dp/B0BSV7T2KZ⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with Apple. In this episode of Apple @ Work, Arek Dreyer and Matt Day from Kandji join the show to discuss their new Vulnerability Response function. Listen and subscribe Apple Podcasts Overcast Spotify Pocket Casts Castro RSS Listen to Past Episodes

Join Automox cybersecurity experts Ryan Braunstein and Mat Lee for August 2025's Patch [FIX] Tuesday, covering a Hyper-V privilege escalation, an Azure Virtual Machines spoofing flaw, and four serious SQL Server vulnerabilities. Learn how attackers could chain virtualization and cloud exploits, why crafted VHDX files and spoofed certificates are dangerous, and the ongoing threat of SQL injection. Includes recommendations for hardening databases, improving certificate management, and reducing lateral movement risks in virtualized environments.

In this episode of Automox Insiders, Maddie Regis speaks with Ryan Jeziorski, a Solutions Engineer at Automox, about the importance of IT adaptability and resilience. Ryan shares his diverse career background, his current role at Automox, and insights on how organizations can maintain uninterrupted services while adapting to changes in technology. He emphasizes the significance of continuous learning and patch management as key strategies for IT professionals. The conversation concludes with a fun game about companies that have successfully adapted their business models over time.This episode originally aired January 9, 2025

In this episode of Heroes of IT, Ashley sit down with Milton Webster to explore how his team transformed their IT operations using Automox. From reducing endpoint risk scores in record time to implementing automated Windows 11 upgrades with Worklets, Milton shares real-world wins and challenges from the frontlines of IT. Learn how a culture of proactive patching helped his organization boost security and sleep easier at night. If you're navigating risk management, remote device updates, or end-user satisfaction, this conversation is packed with practical insight.

June's Patch [FIX] Tuesday unpacks a lighter-than-usual Windows patch cycle — but don't get too comfortable. Join Automox cybersecurity experts as they break down high-risk vulnerabilities across macOS and Windows, including:A chained SSH vulnerability (CVE-2025-26465 & CVE-2025-26466) that allows memory exhaustion and bypasses host key verificationA WebDAV remote code execution flaw (CVE-2025-33053) actively exploited in the wildMultiple macOS threats, from sandbox escapes to keychain access and privilege escalationThe team also shares patching strategies, mitigation tips, and password hygiene advice you'll want to follow.

Join us for a stroll down patch memory lane! Ivanti's Chris Goettl invites an old colleague to the show -- Eric Schultze, a former software development leader at Amazon, Microsoft, and Shavlik Technologies -- to look back on the early days of Patch Tuesday and how patch management has evolved over the decades since. Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-405

Now in its 18th year, the Verizon Business DBIR is one of the industry's longest standing and leading reports on the current cybersecurity landscape. This year's report analyzes more than 22,000 security incidents with victims spanning 139 countries, examining significant growth in third-party involvement in breaches, increases in ransomware and examines the average amounts paid and amount of time to patch vulnerabilities, among many other findings. Segment Resources: - https://www.verizon.com/about/news/2025-data-breach-investigations-report - https://www.verizon.com/business/resources/reports/dbir This segment is sponsored by Verizon Business! To read the full Verizon Business 2025 Data Breach Investigations Report, please visit https://securityweekly.com/verizonrsac. Over the past two decades, the browser has evolved from a simple web rendering engine to the primary gateway through which users interact with the internet, be it for work, leisure or transactions. In other words, browsers are becoming the new endpoint. Yet, despite the exponential growth of browser-native attacks, traditional security solutions continue to focus on endpoint and network, leaving a large gaping hole when it comes to browser security. SquareX has started the Year of Browser Bugs (YOBB), a yearlong initiative to draw attention to the lack of security research and rigor in what remains one of the most understudied attack vectors - the browser. Learn more about SquareX's Browser Detection and Response solution at https://securityweekly.com/squarexrsac Last Mile Reassembly Attacks: https://www.sqrx.com/lastmilereassemblyattacks Polymorphic Extensions technical blog: https://labs.sqrx.com/polymorphic-extensions-dd2310006e04 There is a growing overlap between endpoint and cloud environments, creating new security challenges. ThreatLocker has recently released innovative solutions designed to protect organizations operating in this space. These include Cloud Control, Cloud Detect, Patch Management, and other advanced security tools tailored to bridge the gap between endpoint and cloud protection. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlockerrsac to learn more about them! Jason Mical, Field CTO, discusses Devo and Detecteam's integrated solution, which proactively improves security posture by identifying and closing detection gaps. The integration combines Devo's comprehensive threat detection, investigation, and response capabilities with Detecteam's autonomic detection lifecycle platform to continuously validate and improve detection capabilities based on real-world attack scenarios. Solution demo: https://www.devo.com/interactive-demos/devo-detecteam-engineering-confidence-in-threat-detection/ This segment is sponsored by Devo . Visit https://securityweekly.com/devorsac to learn more about them! While the value of identity security remains largely untapped, SailPoint's latest Horizons of Identity Security report reveals that organizations with mature identity programs can bend their identity security-to-value curve and recognize disproportionately higher returns. These programs unlock new value pools and can help address emerging challenges, such as securing machine and AI agent identities. The 2024-25 Horizons of Identity Security report: https://www.sailpoint.com/identity-library/horizons-identity-security-3 Take the identity security maturity assessment: https://www.sailpoint.com/identity-security-adoption Learn more about SailPoint's Customer Experience Portfolio: https://www.sailpoint.com/customer-success/customer-experience-portfolio This segment is sponsored by SailPoint. Visit https://securityweekly.com/sailpointrsac to learn more about them! Identity has long been the soft underbelly of cybersecurity—but with AI, non-human identities (NHIs), and autonomous agents on the rise, it's now front and center for security teams, the C-suite, and boardrooms alike. Adversaries aren't just hacking systems anymore—they're hijacking identities to slip through the cracks and move undetected in systems. For too long, identity security was treated as interchangeable with IAM—but that mindset is exactly what left critical gaps exposed. Listen to our interview with Hed Kovetz as he unpacks why identity has become today's most urgent battleground in cyber. He'll what you can do about it with an identity security playbook that gives you the upper hand. https://resources.silverfort.com/identity-security-playbook/home https://www.silverfort.com/blog/shining-the-spotlight-on-the-rising-risks-of-non-human-identities/ This segment is sponsored by Silverfort. Visit https://securityweekly.com/silverfortrsac to learn more about Silverfort's IDEAL approach to identity security! Show Notes: https://securityweekly.com/esw-405

In this episode of Automate IT, Jeremy Maldonado dives into the world of data-driven endpoint management—breaking down what it means to go “beyond the spreadsheets.” He explores how visibility, intelligent reporting, asset intelligence, and risk scoring can transform how IT teams manage and secure their environments.  Drawing from his own journey into the IT space, Jeremy unpacks practical strategies for improving compliance, prioritizing threats, and empowering IT teams to play offense — not just defense. Whether you're an IT pro or just endpoint-curious, this episode will give you fresh perspective on managing smarter, not harder.

Spring is in the air, and it's time to give your IT environment the deep clean it deserves! In this episode of Hands-On IT, host Landon Miles shares nine essential spring cleaning tips to help IT pros declutter, optimize, and future-proof their systems. From cleaning workspaces and dusting off hardware to reviewing patch policies, auditing backups, and addressing tech debt, Landon walks you through practical steps that will boost efficiency, enhance security, and set you up for a smoother year ahead. Tune in and learn how a little proactive maintenance today can save you countless hours of reactive troubleshooting tomorrow!Clean Your Desk and WorkspaceDust Off Your Hardware and Check for WearUntangle and Manage CablesReview Patch PoliciesPurge Old Accounts and Review Software ContractsDeclutter Local Systems and StorageAudit and Test Your BackupsReview Digital and Hardware Tech DebtUpdate Your Documentation and Refresh Policies

In this Brand Story episode, Sean Martin and Marco Ciappelli sit down with Rob Allen, Chief Product Officer at ThreatLocker, to unpack how the company is reshaping endpoint security through a unique, control-first approach. Rob shares how ThreatLocker is challenging long-held assumptions about trust, visibility, and control in enterprise environments—and why the traditional “trust but verify” model is no longer good enough.From Default Permit to Default DenyThreatLocker's philosophy centers on a fundamental shift: moving from a default permit posture to a default deny stance. This approach, according to Rob, doesn't hinder operations—it creates boundaries that allow organizations to function safely and efficiently. It's not about locking systems down; it's about granting permissions with precision, so users can operate without even noticing security is present.Product Innovation Driven by Real FeedbackThe conversation highlights how customer input—and CEO Danny Jenkins' relentless presence at industry events—drives product development. New solutions like Web Control and Patch Management are designed as logical extensions of existing tools, allowing security teams to reduce risk without creating friction for end users. The addition of a software store, suggested by enterprise customers, gives users clarity on what's approved while reducing IT support tickets.Insights and the Detect DashboardRob also explains how ThreatLocker is unlocking the value of big data. With billions of data points collected every hour, their new Insights platform aggregates and analyzes cross-customer trends to better inform security decisions. Combined with the Detect Dashboard, teams now gain not only visibility but actionable intelligence—supported by polished visuals and streamlined workflows.More Than Just Tech—It's Peace of MindWhile the technology is impressive, Rob says the most rewarding feedback is simple: “ThreatLocker helps me sleep at night.” For many customers, that level of confidence is priceless. And in unexpected situations—like a blue-screen incident caused by third-party software—ThreatLocker has even been used to mitigate impacts in creative ways.Whether you're leading a global IT team or managing a growing MSP, this episode will make you think differently about how security fits into your operational strategy. Tune in to hear how ThreatLocker is turning bold ideas into real-world control.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer at ThreatLockerOn LinkedIn | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

➡ Allow what you need, block everything else with ThreatLocker: threatlocker.com In this episode, I speak with Slava Konstantinov, ThreatLocker's MacOS Lead Architect, about their zero-trust approach to endpoint security and their latest cybersecurity innovations. We talk about: • ThreatLocker’s Zero Trust Approach to Cybersecurity:How ThreatLocker enforces a default deny security model, ensuring only explicitly allowed applications and actions can run, reducing attack surfaces and unauthorized access. • Key ThreatLocker Products and Features:How ThreatLocker’s solutions—Application Control, Storage Control, Ring Fencing, Network Control, and ThreatLocker Detect—help organizations enhance security through granular policy enforcement. • New & Upcoming ThreatLocker Features:How new solutions like Patch Management, Web Control, Insights, and Cloud Detect will provide even greater security, automation, and compliance for businesses managing complex IT environments. Chapters:00:00 - Intro to ThreatLocker and Zero Trust Security01:24 - How ThreatLocker’s Application Control Blocks Unauthorized Software06:52 - Storage Control: Preventing Unauthorized Data Access and USB Threats08:19 - Ring Fencing: Controlling App Permissions and Network Access12:37 - Elevation Control: Granting Admin Privileges Without Risk16:23 - Network Control: Restricting Internet and Internal Network Access19:26 - AI-Driven Security Policies: The Future of ThreatLocker Management24:07 - Mac vs. Windows Security: Key Differences and Challenges29:49 - ThreatLocker’s Expansion: New Products and Future Plans32:32 - Where to Learn More About ThreatLocker’s Security SolutionsBecome a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

Recorded during ThreatLocker Zero Trust World 2025 in Orlando, this episode of the On Location series features an engaging conversation with Alex Benton, Special Projects at ThreatLocker. Benton shares insights from his Metasploit lab, a beginner-friendly session that demonstrates the power of tools like Metasploit and Nmap in cybersecurity. The lab's objective is clear: to illustrate how easily unpatched systems can be exploited and reinforce the critical need for consistent patch management.Understanding the Metasploit LabBenton explains how participants in the lab learned to execute a hack manually before leveraging Metasploit's streamlined capabilities. The manual process involves identifying vulnerable machines, gathering IP addresses, examining open ports, and assessing software vulnerabilities. With Metasploit, these steps become as simple as selecting an exploit and running it, underscoring the tool's efficiency.A key demonstration in the lab involved Eternal Blue, the exploit associated with the WannaCry virus in 2017. Benton emphasizes how Metasploit simplifies this complex attack, highlighting the importance of maintaining patched systems to prevent similar vulnerabilities.The Real-World Implications of Unpatched SystemsThe discussion dives into the risks posed by cybercriminals who use tools like Metasploit to automate attacks. Benton points out that malicious actors often analyze patch notes to identify potential vulnerabilities and create scripts to exploit unpatched systems quickly. The conversation touches on the dark web's role in providing detailed information about exposed systems, making it even easier for attackers to target vulnerable machines.Lessons from WannaCryThe episode revisits the WannaCry incident, where a vulnerability in Windows systems led to a global cybersecurity crisis. Benton recounts how outdated systems and the absence of a strong security culture created an environment ripe for exploitation. He also shares the story of cybersecurity researchers, including Marcus Hutchins, who played pivotal roles in mitigating the virus's impact by identifying and activating its kill switch.Tune in to Learn MoreThis episode offers valuable insights into cybersecurity practices, the dangers of unpatched environments, and the tools that both ethical hackers and cybercriminals use. Listen in to gain a deeper understanding of how to secure your systems and why proactive security measures are more crucial than ever.Guest: Alex Benton, Special Projects at ThreatLocker | On LinkedIn: https://www.linkedin.com/in/alex-benton-b805065/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaRegister for Zero Trust World 2025: https://itspm.ag/threat5mu1____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More