↓Skip to main content

Public Exposure

2025

Adversarial Testing of AI is not Optional

10 June 2025·Updated: 29 October 2025·1648 words·8 mins

by: Satu Korhonen and Silvan Gebhardt

AI systems fail in unpredictable ways, from suggesting insecure code to leaking sensitive data. Learn why traditional security testing isn't enough and why adversarial testing is essential to understanding and mitigating the real risks of generative AI. — AI systems fail in unpredictable ways, from suggesting insecure code to leaking sensitive data. Learn why traditional security testing isn’t enough and why adversarial testing is essential to understanding and mitigating the real risks of generative AI.

2024

The Forgotten Value of Personality Traits in Cybersecurity

12 November 2024·Updated: 29 October 2025·1627 words·8 mins

by: Agnė Brilingaitė

Uncover why personality traits are crucial yet often overlooked in cybersecurity. This insightful post delves into how understanding human behavior can fortify cybersecurity strategies.

Forgotten Protocol Chronicles: Do Not Underestimate the Installed Base

13 February 2024·Updated: 13 November 2025·1155 words·6 mins

by: John Kristoff

John Kristoff examines the risk involved in forgotten, yet active protocols hidden in plain sight through two case studies.

2023

Cyber Warrior: Who is Behind the Cyber Shield?

12 September 2023·Updated: 29 October 2025·1151 words·6 mins

by: Agnė Brilingaitė

How to investigate cybersecurity workforce or personal development from the perspective of information technology, psychology and human genomics.

Robot vs. Robot - May the Best AI Win

13 June 2023·Updated: 14 November 2025·1092 words·6 mins

by: Mikko Hyppönen

Mikko Hyppönen reflects on the evolution of fighting cybercrime from the early days to the present and beyond.

2022

How to Identify Attack Surface that Must be Addressed

8 November 2022·Updated: 1 November 2025·2336 words·11 mins

by: Juhani Eronen

How can you identify threats to network security through attack surface assessments and prioritise the findings to fix the discovered issues.

Integrity Checking - an Integral Part of Cyber Security

12 July 2022·Updated: 29 October 2025·2335 words·11 mins

by: Tomi Koski and Joona Hoikkala

A case study in responsible vulnerability disclosure for a man in the middle attack in FreshService inventory management software.

Further Examination into External Attack Surface

28 June 2022·Updated: 1 November 2025·2901 words·14 mins

by: Juhani Eronen

Getting from assets to exposure, or why identifying critical attack surface exposed by your assets might not be that straightforward after all.

Practical Methods for Assessing Your External Attack Surface

22 March 2022·Updated: 1 November 2025·2309 words·11 mins

by: Juhani Eronen

The siege of Château Gaillard between September 1203 and March 1204 is a good example of determined attackers exploiting a weakness in the defenders' threat model. As the story has it, a French soldier clambered up the latrine chute and let in his compatriots to take over the castle. Photo (c) Lari Huttunen. — The siege of Château Gaillard between September 1203 and March 1204 is a good example of determined attackers exploiting a weakness in the defenders’ threat model. As the story has it, a French soldier clambered up the latrine chute and let in his compatriots to take over the castle.