Embedded systems power everything from critical infrastructure to defense systems, yet vulnerabilities in those systems often go unseen and unaddressed. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and special guests Mario Zuniga and Matt Janson of MITRE to discuss the “invisible attack surface” lurking within embedded and cyber-physical systems.

Drawing on their frontline experience in cyber operations and resiliency engineering, Mario and Matt explain why embedded systems demand a fundamentally different approach to cybersecurity. From limited patching capabilities and long system lifecycles to unique hardware and firmware attack vectors, traditional IT security models fall short in these environments.

Together, they discuss:

• Why embedded systems are often overlooked in cybersecurity strategies
• How attackers exploit firmware, hardware interfaces, and air-gapped environments
• The challenges of securing systems that must remain operational for decades
• The role of MITRE’s embedded threat matrix (ESTEEM) in mapping adversary behavior
• Why resilience—not just prevention—is key to defending critical infrastructure

From industrial control systems to national defense, this episode reveals what it takes to secure the technologies that quietly underpin modern society and why the time to act is now.

Artificial intelligence is transforming cybersecurity but not in the way many expect. While defenders are using AI to accelerate detection, triage, and threat hunting, adversaries are leveraging the same tools to scale reconnaissance, automate exploit development, and dramatically increase the speed of attack.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Joe Slowik, Director of Cybersecurity Alerting Strategy at Dataminr, to discuss one critical question: Does AI actually reduce vulnerability risk or just accelerate the conflict?

With a background including MITRE ATT&CK, Dragos, Los Alamos National Laboratory, and U.S. government offensive operations, Slowik offers a dual-lens perspective on how AI is reshaping both sides of cybersecurity.

Together, they explore:

• How AI is increasing the velocity of vulnerability discovery and exploitation
• Why attackers may benefit from “good enough” AI outputs, while defenders require precision
• The rise in CVEs and why more vulnerabilities doesn’t necessarily mean worse security
• The growing risk in OT, IoT, and unmanaged edge devices
• Why AI is a powerful tool—not a magic bullet—and what that means for defenders

From enterprise security teams to critical infrastructure operators, this episode breaks down what security leaders must understand to stay ahead in an AI-accelerated threat landscape.

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Jacob Beningo to explore how AI is changing the software development lifecycle for embedded and firmware teams.

Together, they unpack the risks and responsibilities that come with AI-generated code. While AI can accelerate development and automate tedious tasks, it can also introduce defects, expand the attack surface, and create a dangerous illusion of completeness. Unlike human engineers, AI cannot explain intent, reason about long-term system behavior, or take accountability when systems fail.

Joe and Jacob discuss how engineering teams can safely integrate AI into development workflows without sacrificing security, reliability, or accountability, especially in systems that must operate safely for years in the field.

In this episode, they explore:

• Why AI-generated code can introduce hidden vulnerabilities and complexity
• The accountability challenge: who owns the risk when AI writes the code?
• How AI output should be treated as untrusted code by default
• Why rigorous testing, validation, and security reviews still matter
• Practical ways engineering teams can use AI responsibly in embedded development

For engineers, security leaders, and product teams navigating AI adoption in embedded systems, this episode offers practical insights into how to move faster with AI without weakening trust in the systems you build.