Exploited: The Cyber Truth

RunSafe Security
  • 0.0 (0)
  • EDUCATION
  • UPDATED WEEKLY

Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.

  1. AI vs. Vulnerabilities: Who Really Wins?

    6D AGO

    AI vs. Vulnerabilities: Who Really Wins?

    Artificial intelligence is transforming cybersecurity but not in the way many expect. While defenders are using AI to accelerate detection, triage, and threat hunting, adversaries are leveraging the same tools to scale reconnaissance, automate exploit development, and dramatically increase the speed of attack. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Joe Slowik, Director of Cybersecurity Alerting Strategy at Dataminr, to discuss one critical question: Does AI actually reduce vulnerability risk or just accelerate the conflict? With a background including MITRE ATT&CK, Dragos, Los Alamos National Laboratory, and U.S. government offensive operations, Slowik offers a dual-lens perspective on how AI is reshaping both sides of cybersecurity. Together, they explore: How AI is increasing the velocity of vulnerability discovery and exploitationWhy attackers may benefit from “good enough” AI outputs, while defenders require precisionThe rise in CVEs and why more vulnerabilities doesn’t necessarily mean worse securityThe growing risk in OT, IoT, and unmanaged edge devicesWhy AI is a powerful tool—not a magic bullet—and what that means for defenders From enterprise security teams to critical infrastructure operators, this episode breaks down what security leaders must understand to stay ahead in an AI-accelerated threat landscape.

    34 min
  2. AI Wrote the Code—Who Owns the Risk?

    MAR 12

    AI Wrote the Code—Who Owns the Risk?

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Jacob Beningo to explore how AI is changing the software development lifecycle for embedded and firmware teams. Together, they unpack the risks and responsibilities that come with AI-generated code. While AI can accelerate development and automate tedious tasks, it can also introduce defects, expand the attack surface, and create a dangerous illusion of completeness. Unlike human engineers, AI cannot explain intent, reason about long-term system behavior, or take accountability when systems fail. Joe and Jacob discuss how engineering teams can safely integrate AI into development workflows without sacrificing security, reliability, or accountability, especially in systems that must operate safely for years in the field. In this episode, they explore: Why AI-generated code can introduce hidden vulnerabilities and complexityThe accountability challenge: who owns the risk when AI writes the code?How AI output should be treated as untrusted code by defaultWhy rigorous testing, validation, and security reviews still matterPractical ways engineering teams can use AI responsibly in embedded development For engineers, security leaders, and product teams navigating AI adoption in embedded systems, this episode offers practical insights into how to move faster with AI without weakening trust in the systems you build.

    32 min
  3. From NIST to Nation-State: Securing Embedded Systems through Compliance and Trust

    FEB 26

    From NIST to Nation-State: Securing Embedded Systems through Compliance and Trust

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Cordell Robinson, CEO of Brownstone Consulting, to explore how security frameworks like NIST 800-53 are evolving from paperwork exercises into real drivers of security maturity. From continuous monitoring and secure-by-design development to Software Bills of Materials (SBOMs) and vulnerability transparency, the conversation examines what it takes to build trust in embedded and operational technology (OT) systems, especially as regulators sharpen their focus and nation-state threats grow more sophisticated. Together, they explore: Why compliance should cover people, processes, and technology—not just policiesHow NIST frameworks are shifting from checklists to operational rigorThe growing importance of SBOMs in supply chain transparencyHow AI is reshaping both cyber defense and attacker capabilityWhat new regulatory pressure (including the EU Cyber Resilience Act) means for manufacturers Whether you build embedded systems, ship software to government agencies, or manage critical infrastructure, this episode offers practical insight into building compliance programs that strengthen security and earn trust.

    33 min
  4. The OT Mistakes Attackers Count On—And How to Fix Them Before They Do

    FEB 12

    The OT Mistakes Attackers Count On—And How to Fix Them Before They Do

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and OT/ICS security expert Mike Holcomb, founder of UTILSEC, for a candid discussion about the weaknesses attackers exploit inside industrial environments. Mike shares what he repeatedly finds during assessments of large OT and ICS networks: no effective firewall between IT and OT, flat networks with little segmentation, stale Windows domains, shared engineering credentials, exposed HMIs, and OT protocols that will accept commands from any reachable host. He explains how attackers move from IT into OT using familiar enterprise techniques before pivoting into PLCs, RTUs, safety systems, and historians. Joe outlines why secure-by-design practices, higher software quality, and “secure by demand” procurement are critical to long-term resilience—especially as cloud connectivity and AI accelerate modernization in industrial environments. Together, they explore: Why a missing or misconfigured IT/OT firewall remains the most common and dangerous gapHow micro-segmentation and unidirectional architectures reduce blast radiusThe risks of web-enabled HMIs and long-lived legacy systemsWhy monitoring PLC programming traffic and historian queries mattersHow the Cyber Resilience Act is reshaping accountability for OT vendors If you’re responsible for industrial operations, plant uptime, or product security, this episode shows how attackers actually move through OT environments—and how to eliminate the mistakes they depend on.

    31 min
  5. Balancing Speed and Security: The Open Source Dilemma in Embedded Development

    JAN 29

    Balancing Speed and Security: The Open Source Dilemma in Embedded Development

    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Elecia White, host of Embedded.fm and author of Making Embedded Systems, to discuss the trade-offs of using open source in embedded development. The conversation goes beyond debates about “open vs. proprietary” to explore how a single library can quietly introduce sprawling dependency chains, unclear maintenance responsibilities, licensing obligations, and long-term security exposure,  especially in devices expected to operate for years or decades. Elecia and Joe share guidance for using open source intentionally, including how to set guardrails early, limit dependency blast radius, and design systems that can respond when vulnerabilities emerge, even when patching isn’t easy. Together, they cover: Why embedded teams don’t get burned by open source, they get burned by unexamined dependenciesHow transitive dependencies and “helpful” packages quietly expand attack surfaceWhy professionalism, documentation, and disclosure practices signal trustworthy projectsWhy build-time SBOMs matter more than after-the-fact analysisHow Secure by Design thinking reduces reliance on emergency patching For embedded engineers, product leaders, and security teams balancing delivery pressure with long-lived risk, this episode offers advice for using open source without inheriting future incidents.

    30 min
  6. Beyond Defense: Building Cyber Resilience in Autonomous and Connected Mobility

    JAN 15

    Beyond Defense: Building Cyber Resilience in Autonomous and Connected Mobility

    Autonomous and connected vehicles are reshaping transportation, but increased software complexity and connectivity introduce serious security and safety challenges that can’t be solved with traditional perimeter defenses. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Hemanth Tadepalli, Senior Cybersecurity & Compliance SME at May Mobility, for a practical discussion on what cyber resilience looks like inside real-world autonomous vehicle programs. Hemanth draws on his experience securing mobility systems at May Mobility, as well as prior work with Mandiant, Google, and AlixPartners, to explain how automotive organizations are adapting to software-defined vehicle architectures, regulatory pressure, and expanding attack surfaces. Joe shares his perspective on why mobility companies increasingly resemble software companies and what that means for engineering, governance, and operational security. Together, they explore: How connected and autonomous vehicle architectures expand the attack surfaceWhat cyber resilience means in day-to-day engineering and fleet operationsHow governance, threat intelligence, and software validation reduce riskRegulatory pressures shaping automotive security decisionsHow teams balance detection, response, and safety in autonomous systems Whether you’re building autonomous platforms, managing connected fleets, or securing safety-critical software, this episode offers a grounded look at what it takes to keep modern mobility systems trustworthy and safe.

    25 min
  7. 2026 ICS Security Predictions: What’s Next for Critical Infrastructure

    12/30/2025

    2026 ICS Security Predictions: What’s Next for Critical Infrastructure

    As industrial control systems become more connected, more Linux-based, and more exposed to IT-style threats, 2026 is shaping up to be a turning point for ICS security. In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026. The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch. Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility. Together, they cover: Why ICS exploitation is shifting from theoretical to operationalHow web app and RCE vulnerabilities are creeping into OT devicesThe limits of detection-only security strategiesWhy memory safety and runtime protections reduce exploitable riskHow build-time SBOMs improve vulnerability tracking and trust

    32 min
  8. When Vehicles Aren’t Just Machines: Cybersecurity, Autonomy & What’s Next

    12/18/2025

    When Vehicles Aren’t Just Machines: Cybersecurity, Autonomy & What’s Next

    As vehicles evolve into always-connected, software-defined systems, cybersecurity decisions increasingly shape privacy, safety, and trust on the road. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and special guest Sean McKeever, Global Product Cybersecurity Lead at Marelli, for a candid discussion on what it really means to secure modern vehicles. Sean brings deep industry experience to unpack how OEMs and suppliers are navigating data stewardship, autonomous testing, vehicle theft, and diverging global regulations. Together, Paul, Joe, and Sean explore: What constant connectivity means for driver privacy and data stewardshipThe risks of beta-testing autonomous systems on public roadsHow car theft has shifted from physical break-ins to software exploitationWhy U.S. and EU cybersecurity regulations take fundamentally different approachesThe importance of collaboration across OEMs, suppliers, and regulators From RF relay attacks to software-defined vehicles with decade-long lifecycles, this episode highlights why cybersecurity is no longer an add-on but a core design decision shaping the future of mobility.

    33 min
See All (42)

About

Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.

Information

  • Creator
    RunSafe Security
  • Years Active
    2025 - 2026
  • Episodes
    42
  • Rating
    Clean
  • Copyright
    © 2025 Exploited: The Cyber Truth
  • Show Website
    Exploited: The Cyber Truth