Why More Security Tools = Less Security with Jonathan Poon, Head of Threat & Vulnerability Management at Zoom

Why More Security Tools = Less Security with Jonathan Poon, Head of Threat & Vulnerability Management at Zoom

In this episode of Patch Me If You Can™, Jonathan Poon, Head of Threat & Vulnerability Management at Zoom, reveals why adding more security tools often creates more problems than it solves. Jonathan also shares practical strategies for: conducting data audits across your security stack, building a "data oversight committee" to eliminate redundancies, and developing the empathy skills needed to translate technical risks into business language that actually drives action.

RBAC is Broken (Here's Why) with Dmitri Altum, GitLab, ex-Ramp

In this episode of Patch Me If You Can™, Arek Dreyer sits down with Dmitri Altum, Staff Security Engineer at GitLab, who breaks down why Role Based Access Control (RBAC) is failing modern businesses. Dmitri shares his experience building dynamic identity systems that analyze user behavior rather than relying on static job titles, especially as AI blurs traditional role boundaries. He also demonstrates how his team achieved 93% automated approval rates with just 3 second response times, proving that security and speed don't have to pull in opposite directions.

Standard Users in an Admin World with Collin Elliott, Capital One

In this episode of Patch Me If You Can™, Arek Dreyer sits down with Collin Elliott, Senior Platform Engineer at Capital One, to unpack the challenges of balancing strong security with a smooth user experience in endpoint management. They explore topics such as the shift to least privilege, the tools and strategies that help, and why leadership buy-in and thoughtful automations are keys to success.

Why 99% Hit Defer Every Time with Robert Hammen, SAP, ex-SpaceX

In this episode of Patch Me If You Can™, Arek Dreyer sits down with Robert Hammen, Principal Mac Consultant at SAP and former IT Systems Engineer at SpaceX, to dig into various topics, including the world of enterprise patch management. They dig into the complexities and opportunities of patch management at scale. The big question: Why does patching still feel so painful, and what strategies actually drive better compliance and security without alienating end users?

Mac Malware: The Cat & Mouse Game with Patrick Wardle

In this episode of Patch Me If You Can™, Arek Dreyer sits down with Patrick Wardle, a leading figure in macOS security. Patrick, who founded the Objective-See Foundation and the Objective by the Sea security conference, brings years of frontline experience from organizations like NASA and the NSA. He’s also the author of the Art of Mac Malware book series and has created several widely used open-source macOS security tools, giving him a unique perspective on both defending and attacking modern Mac systems.