"If you're behind on updates, you're vulnerable."

Episode Highlights

[00:53] macOS security myths and built-in protection limits
[01:40] How fake installers and malvertising trick users
[02:39] Why trusted searches can still lead to malware
[04:44] Adding proactive security beyond Apple defaults
[06:06] Why personal devices create organizational risk

Security engineer Zak Cowan joins the conversation to break down a malicious macOS campaign using fake installers and search result manipulation. The discussion challenges common assumptions about built-in Apple protections, highlights how users are tricked into installing malware, and explains why updates, monitoring, and personal device security all play a critical role in reducing risk.

Resources

Redoxengine.com

Past Podcast Episodes

https://redoxengine.com/solutions/platform-security

Have feedback or a topic suggestion? Submit it using this linked form.

"Communication is one of the biggest parts of making vulnerability management work."

Episode Highlights

[00:44] Start with understanding your environment and technology stack

[01:21] Prioritizing vulnerabilities based on risk and business impact

[03:16] Tracking vulnerabilities without overwhelming engineering teams

[05:58] Communication and collaboration to ensure vulnerabilities get fixed

[08:40] Mitigating risk when patches or fixes are unavailable

[11:17] Why vulnerability management must continuously evolve

Building a vulnerability management program takes more than installing a scanner. Staff security engineers Trevor Wilson and Ethan Wolkowicz join the conversation to share what it actually takes to build and improve a vulnerability management program. The discussion covers how teams assess risk, prioritize fixes, work with engineering teams, and avoid overwhelming everyone with alerts. Vulnerability management is never finished. As this episode highlights, it must evolve as threats, tools, and compliance requirements change.

Resources

www.redoxengine.com

Past Podcast Episodes

https://redoxengine.com/solutions/platform-security

Have feedback or a topic suggestion? Submit it using this linked form.

"Security needs to continue to function regardless of that leader being there or not."

Notable Moments

[00:01] Leadership transitions in security are common
[02:17] Preparing documentation and shared access early
[04:53] Systems knowledge must outlive one person
[07:17] New leadership brings fresh perspective
[09:50] Build programs ready for eventual transition

Leadership transitions in security are common. They are also critical moments for any organization. This episode explores how to prepare for CISO changes, why documentation and shared access matter, and how security teams can stay steady through uncertainty. It also highlights the opportunity that comes with fresh perspective and new leadership energy.

Transitions are rarely perfect. But when security is built to function beyond any one individual, change becomes manageable. In some cases, it becomes a chance to reset, refine, and strengthen what is already in place.

Resources

www.redoxengine.com

Past Podcast Episodes

https://redoxengine.com/solutions/platform-security

Have feedback or a topic suggestion? Submit it using this linked form.

Matt Mock mmock@redoxengine.com