Build-Time Protections vs. Post-Production Panic
- S1E22
- 35:10
- September 11th 2025
Is patching enough to secure critical systems? In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with Joe Saunders, Founder and CEO of RunSafe Security, to challenge the idea that vulnerabilities can be solved after software ships.
Joe explains why embedded systems and critical infrastructure demand a different approach—one that builds protections in from the start. He unpacks:
- Why patching after deployment creates dangerous gaps for attackers
- How build-time memory safety and code-hardening disrupt exploitation
- The software supply chain risks of relying on incomplete SBOMs
- Real-world examples of how build-time defenses reduce costly downtime and post-production scrambles
If you’re leading a program of record, developing embedded systems, or managing software security, this conversation reveals why “Secure by Design” is the only way forward.
Exploited: The Cyber Truth
Exploited: The Cyber Truth is a hard-hitting, no-fluff podcast exposing the realities of today’s cyber threat landscape and risks to critical infrastructure. Through candid conversations with top cybersecurity experts, industry leaders, and frontline defenders, the show breaks down recent high-profile vulnerabilities and exploits and covers innovative strategies used to stop them. To keep critical infrastructure safe, defenders need the upper hand. Tune in and get the cyber truth.