Websauna Co / Cybersecurity
Hello — I’m Anaïs Dupont. Over the years I’ve spent time inside engineering teams, poking at data pipelines, and helping organisations ask the awkward questions about what exactly is feeding their models. In this piece I’ll walk you through...
Read more... →
I bought a cheap smart plug for my kitchen lamp last month. It was under £50, tucked into a sale, with shiny app screenshots and hundreds of five-star reviews. On the face of it, it solved a small convenience problem: turn the lamp on and off from...
Read more... →
I’ve spent a lot of time testing biometric systems and threat modelling authentication flows for mobile apps and kiosks. Face biometrics are convenient and increasingly common, but they invite a wide range of “liveness” or spoofing attacks —...
Read more... →
I remember the first time I had to migrate an authentication system for a business unit: months of planning, frantic late-night debugging, and a growing pile of post-it notes stuck to the monitor. Passwords were everywhere—hard-coded in scripts,...
Read more... →
Fine-tuning GPT-style models on proprietary customer data is one of those tasks that promises huge value—better, more contextual outputs; fewer hallucinations for domain-specific prompts; and a competitive edge in automation and support. It’s...
Read more... →
I started auditing third-party npm packages the hard way: by getting burned — a dependency pulled in a small, obfuscated postinstall script that sent environment variables back to a server. Since then I’ve developed a workflow that blends...
Read more... →
I’ve helped small engineering teams move from ad-hoc VPNs and open security groups to a zero-trust networking model that actually scales with a remote-first culture. In practice, zero trust isn’t a single product you buy — it’s a set of...
Read more... →
I’ve spent years helping teams choose and deploy security controls that actually get used — not just tick boxes for compliance. When it comes to multifactor authentication (MFA), the biggest failure isn’t cryptography or standards: it’s...
Read more... →
I’ve been tracking the slow, steady shift toward passwordless authentication for years now — testing products, probing security claims, and watching organizations wrestle with the trade-offs. Passwordless is no longer a futuristic checkbox; for...
Read more... →
I want developer pipelines that are secure, fast, and simple to understand. Over the years I’ve seen teams over-engineer CI/CD so much that it becomes the riskiest part of their product: secrets scattered in variables, build steps that run as...
Read more... →