Exploited: The Cyber Truth
Exploited: The Cyber Truth
RunSafe Security
Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.
2026 ICS Security Predictions: What’s Next for Critical Infrastructure
As industrial control systems become more connected, more Linux-based, and more exposed to IT-style threats, 2026 is shaping up to be a turning point for ICS security. In this end-of-year predictions episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder & CEO Joseph M. Saunders and CTO Shane Fry to discuss what will define ICS and critical infrastructure security in 2026. The episode explores a bold prediction: We will see a major ICS breach originating from a web application vulnerability running directly on an embedded control device. As full Linux operating systems, Node.js apps, and web servers increasingly appear inside OT equipment, long-standing IT vulnerabilities are colliding with systems that are difficult—or impossible—to patch. Joe and Shane dig into why detection-only strategies fall short in constrained, long-lived devices, and why secure by design engineering, memory safety, and runtime protections are becoming essential. They also discuss the importance of accurate, build-time Software Bills of Materials, especially as regulations like the EU Cyber Resilience Act push manufacturers toward transparency, accountability, and provable supply-chain visibility. Together, they cover: Why ICS exploitation is shifting from theoretical to operationalHow web app and RCE vulnerabilities are creeping into OT devicesThe limits of detection-only security strategiesWhy memory safety and runtime protections reduce exploitable riskHow build-time SBOMs improve vulnerability tracking and trust
Dec 30, 2025
31 min
When Vehicles Aren’t Just Machines: Cybersecurity, Autonomy & What’s Next
As vehicles evolve into always-connected, software-defined systems, cybersecurity decisions increasingly shape privacy, safety, and trust on the road. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and special guest Sean McKeever, Global Product Cybersecurity Lead at Marelli, for a candid discussion on what it really means to secure modern vehicles. Sean brings deep industry experience to unpack how OEMs and suppliers are navigating data stewardship, autonomous testing, vehicle theft, and diverging global regulations. Together, Paul, Joe, and Sean explore: What constant connectivity means for driver privacy and data stewardshipThe risks of beta-testing autonomous systems on public roadsHow car theft has shifted from physical break-ins to software exploitationWhy U.S. and EU cybersecurity regulations take fundamentally different approachesThe importance of collaboration across OEMs, suppliers, and regulators From RF relay attacks to software-defined vehicles with decade-long lifecycles, this episode highlights why cybersecurity is no longer an add-on but a core design decision shaping the future of mobility.
Dec 18, 2025
32 min
When Open Source Gets You Into Hot Water: Copyleft Risk in Embedded Systems
Open source accelerates development in embedded systems, but hidden license obligations can quickly create legal and operational risk. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Salim Blume, Director of Security Applications, for a look at how copyleft risk emerges and why compliance in embedded products is more challenging than many teams expect. Salim breaks down how restrictive licenses, such as GPL and AGPL, can force the disclosure of proprietary code, interrupt product shipments, or create exposure long after devices are deployed in the field. Joe shares why accurate SBOMs, automated license checks, and enforcing policy at build time are critical to preventing surprises in downstream products. The discussion also touches on the ongoing Vizio case, where the TV manufacturer faces litigation that could compel public release of source code under the GPL, highlighting how open source obligations can surface years after products hit the market. Together, Paul, Joe, and Salim explore: How copyleft obligations can require source-code disclosureWhy embedded environments complicate license complianceReal-world cases where unnoticed GPL dependencies caused major issues, such as Vizio’s GPL lawsuit and Cisco’s WRT54G router familyThe growing implications of AGPL for SaaS and connected servicesHow build-time SBOMs and automated controls reduce long-term risk Whether you're building connected devices, managing software supply chain compliance, or protecting proprietary IP, this episode offers practical guidance to reduce copyleft risk before it becomes a costly problem.
Dec 11, 2025
29 min
The Asymmetric Advantage: How Cybersecurity Can Outpace Adversaries
In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with RunSafe Founder and CEO Joseph M. Saunders to explore why the future of cyber defense depends on disrupting attacker economics rather than racing to keep up with every new threat. Joe breaks down how organizations can gain an asymmetric advantage by reducing exploitability across entire classes of vulnerabilities, especially persistent memory safety flaws that continue to expose critical systems. He shares why adding lightweight, automated protections at build time is one of the fastest ways to shift the cost curve onto attackers without forcing massive code rewrites or slowing development teams down. Together, Paul and Joe discuss: Why attackers’ resource advantage requires a new defensive mindsetThe power of “patchless” protection in embedded and OT environmentsWhy memory safety flaws persist and how to neutralize them at scaleThe risks of AI-generated code and how to prevent silent vulnerabilitiesHow Secure by Design practices improve resilience for critical infrastructure If you're responsible for securing embedded systems, OT assets, or long-lived devices where patch cycles are slow and risk is high, this episode offers a new mindset that gives defenders the upper hand.
Dec 4, 2025
27 min
Smarter Vulnerability Management in OT Systems: Building Resilience
As OT environments face rising geopolitical tensions, ransomware threats, and aging infrastructure, vulnerability management has never been more complex. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Stuxnet expert Ralph Langner, Founder and CEO of Langner, Inc. Ralph shares from his decades of firsthand experience defending industrial control systems and explains why traditional CVE-focused vulnerability management falls short in OT. He breaks down the three major categories of OT vulnerabilities—design flaws, feature abuse, and configuration errors—and reveals why competent attackers often ignore CVEs entirely. Joe highlights how memory-based vulnerabilities continue to threaten critical systems and why eliminating entire vulnerability classes can create an asymmetric advantage for defenders. Together, Ralph and Joe explore: Why most OT equipment remains insecure by design and why replacement will take decadesHow features, not bugs, often become the real attack vectorThe growing role of ransomware and IT-side weaknesses in OT compromisesPractical steps OT defenders can take today to incrementally improve resilienceThe value of class-level protections, better architectures, and secure development processes Whether you secure energy infrastructure, manufacturing systems, or mixed IT/OT networks, this episode delivers experience-driven guidance for strengthening cyber-physical resilience.
Nov 20, 2025
28 min
Clean Files, Safe Operations: Defending Federal and OT Systems from AI-Driven Threats
AI is fueling both innovation and new attack tactics. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Kelly Davis, Senior Solutions Architect at Glasswall, to uncover how AI-powered malware is slipping through traditional detection in federal and defense environments—and what can be done about it. Kelly breaks down how “clean file” strategies are redefining cybersecurity by ensuring only safe, verified content enters critical systems. Joe connects these insights to operational technology (OT), where malicious code can disrupt industrial operations, safety systems, and even national infrastructure. Together, they explore: How AI is changing both attack and defense in cybersecurityWhy detection-based security is too slow—and how AI is widening the gapHow Content Disarm and Reconstruction (CDR) strengthens federal and defense workflowsHow federal agencies can adopt file-level defenses using pilots, boundary controls, and workflow APIsThe parallels between clean files in IT and secure binaries in OT Whether you’re defending national assets or securing industrial systems, this episode reveals why prevention—not detection—is the smartest defense in the AI era.
Nov 13, 2025
26 min
Designing Security into Life-Critical Devices: Where Innovation Meets Regulation
As healthcare becomes increasingly connected, cybersecurity is now as critical to patient safety as the devices themselves. In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with RunSafe Security Founder and CEO Joseph M. Saunders to explore how medical device manufacturers can design protection into every phase of product development—from concept to deployment and beyond. Joe discusses how medical device manufacturers are aligning innovation with evolving FDA and CISA cybersecurity expectations, embedding secure-by-design principles, and redefining engineering culture to treat security as part of product quality and not just compliance. Listeners will learn: Why Secure by Design is critical for building safe, resilient medical devices from the startHow FDA guidance has pushed manufacturers to treat cybersecurity as part of product design and is reshaping compliance in healthcareWhat a Software Bill of Materials (SBOM) is and why generating it at build time gives the clearest picture of software riskWhy openness about software components helps reduce risk, even when it feels counterintuitiveHow standardizing development practices makes devices safer, lowers costs, and leaves more room for innovation For those developing life-critical devices or managing medtech risk, this episode explores how building security into every stage of design and development protects patients and sustains innovation in connected care.
Nov 6, 2025
27 min
How Generative AI Is Addressing Warfighter Challenges
When we think of generative AI in defense, many think of how it will be used on the frontlines. But it actually serves a much wider purpose in helping warfighters plan, prepare, and execute missions. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and Arthur Reyenger, Generative AI Strategy Executive at Ask Sage, Inc., to explore how generative AI is transforming defense missions—from planning to execution. They discuss how AI-driven decision support, predictive analytics, and digital twins are giving defense teams faster insights and tactical advantages while maintaining trust, security, and control. The conversation looks at examples of how AI is accelerating acquisition processes, strengthening cybersecurity, and even supporting front-line logistics aboard Navy vessels. Together, Joe and Arthur discuss: How generative AI accelerates decision-making and mission readinessThe role of commercial off-the-shelf (COTS) AI in defense innovationWhy responsible AI and human oversight remain criticalHow secure, scalable platforms are redefining operational impact Whether you’re in defense, cybersecurity, or technology leadership, this episode sheds light on how generative AI is helping warfighters stay one step ahead.
Oct 30, 2025
30 min
What the 2025 SBOM Minimum Elements Mean for Software Supply Chain Security
CISA and DHS have raised the bar for software transparency with the first major update to the Minimum Elements for an SBOM since 2021—expanding what every software supplier must disclose. But what does this really mean for developers, embedded system teams, and security leaders trying to protect critical infrastructure? In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security’s Kelli Schwalm and CEO Joseph Saunders to unpack the technical and strategic impact of the 2025 SBOM draft. Kelli explains key additions like component hashes, generation context, and transitive dependencies, and how they improve accuracy and traceability. Joe connects the dots to the bigger picture—how richer SBOMs enable resilience, transparency, and safer disclosure practices across the software supply chain. Together, they explore: Why new SBOM data fields (like hashes and license metadata) matter for risk mitigationThe ongoing challenges of SBOMs for embedded and C/C++ systemsHow stronger visibility supports secure vulnerability disclosure and complianceWhy SBOMs are evolving from check-box compliance to core resilience tools Whether you manage embedded software, oversee product security, or shape compliance policy, this episode reveals how the 2025 SBOM Minimum Elements is set to reshape software assurance for years to come.
Oct 23, 2025
33 min
Collaboration in Cyberspace with Madison Horn
Safeguarding critical infrastructure demands more than just technology—it requires unity. In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with RunSafe Security CEO Joseph M. Saunders and Madison Horn, National Security & Critical Infrastructure Advisor at World Wide Technology, to explore how collaboration across government and industry is shaping a stronger, more secure future. Madison shares insights from her work bridging the gap between policymakers and technologists, highlighting what “best-in-class” public-private partnerships look like and why security by design is a shared responsibility. Together, Madison and Joe unpack how AI, geopolitics, and legacy systems intersect in today’s cyber threat landscape and what it will take to build lasting resilience. From aligning economic incentives to enabling secure-by-design innovation, this discussion underscores one essential truth: protecting critical infrastructure isn’t just a technical mission—it’s a collective one. In this episode, you’ll learn: How collaboration between government and industry drives national cyber resilienceWhat “best-in-class” public-private partnerships look like in practiceThe challenges of protecting legacy systems that were never built to be onlineHow AI and emerging technologies are reshaping cyber defense and regulationWhy secure-by-design principles must become a shared responsibilityWhere current policies succeed—and where leaders can push for meaningful change
Oct 16, 2025
29 min
Load more