Shut The Backdoor

A Compromised Customer - Balancing Risk and Response

"Security doesn't stop with one customer. You have to think about all of them." [01:18] Responding to customer compromises with care and context [02:46] Protecting all customers when one is compromised [03:41] How organizations learn about breaches in real time [05:45] Containing risk by pausing and managing connections [08:23] Adjusting response based on severity of compromise [12:18] Safely restoring connections after containment [15:15] Building runbooks and preparing for future incidents When a customer is compromised, the impact rarely stays contained to one organization. This conversation with Trevor Wilson explores how teams respond in real time, often with limited information and increasing pressure from other connected customers. He shares how organizations identify breaches, verify what's actually happening, and make fast decisions to contain risk without overreacting. Every step requires balance between speed and caution, which is why they stress the importance of preparation. Having things established such as clear roles and practiced responses helps teams move with confidence when incidents occur. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Cyber Checkup - The Cracks in macOS

"If you're behind on updates, you're vulnerable." Episode Highlights [00:53] macOS security myths and built-in protection limits [01:40] How fake installers and malvertising trick users [02:39] Why trusted searches can still lead to malware [04:44] Adding proactive security beyond Apple defaults [06:06] Why personal devices create organizational risk Security engineer Zak Cowan joins the conversation to break down a malicious macOS campaign using fake installers and search result manipulation. The discussion challenges common assumptions about built-in Apple protections, highlights how users are tricked into installing malware, and explains why updates, monitoring, and personal device security all play a critical role in reducing risk. Article: Clickfix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers [https://thehackernews.com/2026/03/clickfix-campaigns-spread-macsync-macos.html] Resources Redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Patch Plan - Enhancing Your Vulnerability Management Program

"Communication is one of the biggest parts of making vulnerability management work." Episode Highlights [00:44] Start with understanding your environment and technology stack [01:21] Prioritizing vulnerabilities based on risk and business impact [03:16] Tracking vulnerabilities without overwhelming engineering teams [05:58] Communication and collaboration to ensure vulnerabilities get fixed [08:40] Mitigating risk when patches or fixes are unavailable [11:17] Why vulnerability management must continuously evolve Building a vulnerability management program takes more than installing a scanner. Staff security engineers Trevor Wilson and Ethan Wolkowicz join the conversation to share what it actually takes to build and improve a vulnerability management program. The discussion covers how teams assess risk, prioritize fixes, work with engineering teams, and avoid overwhelming everyone with alerts. Vulnerability management is never finished. As this episode highlights, it must evolve as threats, tools, and compliance requirements change. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Cyber Checkup - Leadership Transitions

"Security needs to continue to function regardless of that leader being there or not." Notable Moments [00:01] Leadership transitions in security are common [02:17] Preparing documentation and shared access early [04:53] Systems knowledge must outlive one person [07:17] New leadership brings fresh perspective [09:50] Build programs ready for eventual transition Leadership transitions in security are common. They are also critical moments for any organization. This episode explores how to prepare for CISO changes, why documentation and shared access matter, and how security teams can stay steady through uncertainty. It also highlights the opportunity that comes with fresh perspective and new leadership energy. Transitions are rarely perfect. But when security is built to function beyond any one individual, change becomes manageable. In some cases, it becomes a chance to reset, refine, and strengthen what is already in place. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Matt Mock mmock@redoxengine.com [mmock@redoxengine.com] Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]

The Adaptive Guard - AI's Edge in Cyber Defense

"Good security tools don't replace people. They help people focus on what actually matters." Notable Moments [02:22] AI as a Security Teammate [03:41] Cutting Through Alert Fatigue [07:16] Continuous Testing with AI Agents [11:33] Connecting the Dots Across Systems [16:51–20:36] Oversight, Governance, and the Human Role AI is often framed as a threat. This conversation flips that idea and explores how AI can support security teams dealing with constant noise and change. It looks at how AI helps surface real signals, reduce alert fatigue, and enable more continuous testing. It also addresses the need for oversight, access control, and clear boundaries. The focus stays on partnership. AI supports the work. Humans stay in control. Resources www.redoxengine.com [http://www.redoxengine.com/] Past Podcast Episodes [https://redoxengine.com/blog/category/podcast] https://redoxengine.com/solutions/platform-security [https://redoxengine.com/solutions/platform-security] Have feedback or a topic suggestion? Submit it using this linked form [https://forms.gle/BskTZTKZWouk4igBA]. Matt Mock mmock@redoxengine.com [mmock@redoxengine.com] Meghan McLeod mmcleod@redoxengine.com [mmcleod@redoxengine.com]