Shut The Backdoor

The hidden perimeter - Securing the future of Mythos AI

"Companies have been very quick to implement AI but not necessarily understand the true risks or the necessary guardrails that have to be in place." Episode Chapters [00:46] Understanding Mythos and Agentic Systems [02:18] A Double-Edged Sword for Vulnerability Management [03:44] The Death of the 7-Day Patch Cycle [05:58] Addressing the AI Governance Gap [07:07] Is the Sky Falling? How Organizations Should Respond [09:44] Best Strategies for Healthcare Organizations AI is changing rapidly. It is moving from a tool that humans must direct into an autonomous force that can reason and execute workflows on its own. In this episode, Redox Security Advisor Ben Doyle joins the conversation for a dive deep into Mythos, a powerful AI-native technology that has caught the attention of the security world. Mythos represents an incredible asset for automated vulnerability discovery and advanced pen testing. However, it also introduces major new risks for the healthcare sector. Ben breaks down how Mythos autonomously chains together known and novel exploits. It operates at a speed no human team can match, discovering tens of thousands of vulnerabilities in just its first few weeks of testing. We discuss why traditional patch management timelines and SLAs are no longer safe. We also look at how major cloud hyperscalers are responding to this tech, and outline the exact steps healthcare organizations need to take right now. Learn how to upgrade your internal governance, shrink your external asset inventory, and protect vital patient data in the age of autonomous AI. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

A compromised customer - Balancing risk and response

"Security doesn't stop with one customer. You have to think about all of them." [01:18] Responding to customer compromises with care and context [02:46] Protecting all customers when one is compromised [03:41] How organizations learn about breaches in real time [05:45] Containing risk by pausing and managing connections [08:23] Adjusting response based on severity of compromise [12:18] Safely restoring connections after containment [15:15] Building runbooks and preparing for future incidents When a customer is compromised, the impact rarely stays contained to one organization. This conversation with Trevor Wilson explores how teams respond in real time, often with limited information and increasing pressure from other connected customers. He shares how organizations identify breaches, verify what's actually happening, and make fast decisions to contain risk without overreacting. Every step requires balance between speed and caution, which is why they stress the importance of preparation. Having things established such as clear roles and practiced responses helps teams move with confidence when incidents occur. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Cyber Checkup - The Cracks in macOS

"If you're behind on updates, you're vulnerable." Episode Highlights [00:53] macOS security myths and built-in protection limits [01:40] How fake installers and malvertising trick users [02:39] Why trusted searches can still lead to malware [04:44] Adding proactive security beyond Apple defaults [06:06] Why personal devices create organizational risk Security engineer Zak Cowan joins the conversation to break down a malicious macOS campaign using fake installers and search result manipulation. The discussion challenges common assumptions about built-in Apple protections, highlights how users are tricked into installing malware, and explains why updates, monitoring, and personal device security all play a critical role in reducing risk. Article: Clickfix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers [https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html] Resources Redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Patch Plan - Enhancing Your Vulnerability Management Program

"Communication is one of the biggest parts of making vulnerability management work." Episode Highlights [00:44] Start with understanding your environment and technology stack [01:21] Prioritizing vulnerabilities based on risk and business impact [03:16] Tracking vulnerabilities without overwhelming engineering teams [05:58] Communication and collaboration to ensure vulnerabilities get fixed [08:40] Mitigating risk when patches or fixes are unavailable [11:17] Why vulnerability management must continuously evolve Building a vulnerability management program takes more than installing a scanner. Staff security engineers Trevor Wilson and Ethan Wolkowicz join the conversation to share what it actually takes to build and improve a vulnerability management program. The discussion covers how teams assess risk, prioritize fixes, work with engineering teams, and avoid overwhelming everyone with alerts. Vulnerability management is never finished. As this episode highlights, it must evolve as threats, tools, and compliance requirements change. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Cyber Checkup - Leadership Transitions

"Security needs to continue to function regardless of that leader being there or not." Notable Moments [00:01] Leadership transitions in security are common [02:17] Preparing documentation and shared access early [04:53] Systems knowledge must outlive one person [07:17] New leadership brings fresh perspective [09:50] Build programs ready for eventual transition Leadership transitions in security are common. They are also critical moments for any organization. This episode explores how to prepare for CISO changes, why documentation and shared access matter, and how security teams can stay steady through uncertainty. It also highlights the opportunity that comes with fresh perspective and new leadership energy. Transitions are rarely perfect. But when security is built to function beyond any one individual, change becomes manageable. In some cases, it becomes a chance to reset, refine, and strengthen what is already in place. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Matt Mock mmock@redoxengine.com [mmock@redoxengine.com] Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]