Autonomous IT

In this episode, Jeremy Maldonado shares his experiences and insights on server management, highlighting the importance of learning from mistakes, the power of automation, and finding balance between Linux and Windows environments. He discusses the challenges and rewards of managing servers, the pivotal role of Ansible in streamlining operations, and the confidence required to maintain a reliable infrastructure. Jeremy encourages listeners to view setbacks as opportunities for growth while reminding us to be kind to ourselves throughout our professional journeys.

This episode originally aired March 6, 2025

The all-knowing IT pro is a myth. In this episode, Automox Senior Solutions Consultant Jeremy Maldonado breaks down why curiosity and asking for help are the real foundations of a successful IT career. He shares how he went from feeling nervous about asking questions to becoming a trusted resource for IT teams across industries, including hospitals, local governments, and school districts.

Jeremy also pulls back the curtain on what he does day to day on the Automox Professional Services team: reviewing IT admins' environments, evaluating patching schedules, and working collaboratively to fine-tune configurations. Rather than coming in as the all-knowing expert, he explains why the best results come from treating every engagement as a shared experience, where both sides learn from each other.

Whether you're early in your IT career or a seasoned admin, this episode is a reminder that growth starts with a question.

Topics covered:

- Why the all-knowing IT pro doesn't exist
- How curiosity drives career growth in IT
- What an Automox environment review looks like
- Tailoring patching best practices to different industries
- Finding room for improvement even when things work

NIST is falling behind on vulnerability scoring — and the gap is growing. In this episode, Peter and Steph break down what that means for IT and security teams relying on CVE data to prioritize patching, and how Automox is solving it.
We cover:
Why NIST's National Vulnerability Database has a growing backlog and what's causing it
How incomplete vulnerability data creates blind spots in your patch management program
Automox's new partnership with VulnCheck to deliver real-time vulnerability intelligence
What KEV (Known Exploitable Vulnerabilities) data is and why your leadership team cares about it
Expanding from fewer than 10 third-party apps to 70% coverage across 500+ supported applications
The rollout plan from third-party apps to macOS, Windows, and Linux
Whether you're running a mature vulnerability management program or just getting started, this episode lays out how the vulnerability data landscape is shifting and what you can do to stay ahead of real-world threats.

In this episode of Automox's Secure IT podcast, host Jason Kikta welcomes back Rich Casselberry, VP of IT security at AT&I, to discuss key insights from the CISO Blueprint. The conversation emphasizes the importance of a positive approach to security, the role of automation in IT practices, and the necessity of delegation to enhance efficiency. Rich shares real-world examples illustrating how a solution-oriented mindset can lead to better security outcomes and how automation can free up valuable time for IT professionals.

This episode originally aired January 16, 2025

February's Patch Tuesday includes two actively exploited vulnerabilities you need to patch now. Ryan Braunstein breaks down a denial of service flaw in Windows Remote Access Connection Manager that can black out your VPN infrastructure and leave remote endpoints unreachable. Seth Hoyt covers a pair of SmartScreen bypasses that let malicious files slip past Windows security prompts without warning.

Both vulnerabilities rely on user interaction to succeed, and phishing is getting harder to spot. Ryan and Seth discuss how AI is lowering the barrier to entry for attackers, making convincing phishing emails easier to generate and enabling single actors to operate like full teams.

What you'll learn:
• How attackers use VPN disruption as a distraction for larger attacks
• Why SmartScreen bypasses are a serious initial access vector
• Which endpoints to prioritize for patching
• How AI is changing the threat model for social engineering

Patch your systems. Train your users. Stay ahead.