In this episode of Exploited: The Cyber Truth, host Paul Ducklin sits down with Joe Saunders, Founder & CEO of RunSafe Security, to unpack the real meaning behind “Secure by Design”—and why it’s more than just the latest industry buzzword. As cyber threats escalate in scale and sophistication, building security into software from the start has become not only best practice but a national imperative.

Joe shares why RunSafe signed CISA’s Secure by Design pledge and the bold steps the company is taking to meet its goals, including a transition from C++ to Rust to eliminate entire classes of memory safety vulnerabilities. He also explains how organizations can implement Secure by Design principles—without overhauling their entire codebase—using techniques like runtime exploit prevention.

In this episode:

• Why “Secure by Design” is the future of software development
• What the CISA pledge means—and why RunSafe joined it
• How transitioning to Rust addresses deep-rooted memory safety issues
• Practical ways to harden existing systems without starting from scratch
• How Secure by Design supports national security and critical infrastructure protection