Websauna Co / Cybersecurity
I installed my first smart home hub because I wanted fewer apps, fewer latency issues, and — frankly — fewer cloud services hoarding sensor data about what I do at home. Over the years I’ve tested hubs that promise “local-first” operation...
Read more... →
I’ve been tracking npm supply-chain incidents long enough to know that most successful attacks share the same fingerprints — if you know what to look for, you can catch many of them before they ever touch your CI. I’m not talking about...
Read more... →
Hello — I’m Anaïs Dupont. Over the years I’ve spent time inside engineering teams, poking at data pipelines, and helping organisations ask the awkward questions about what exactly is feeding their models. In this piece I’ll walk you through...
Read more... →
I bought a cheap smart plug for my kitchen lamp last month. It was under £50, tucked into a sale, with shiny app screenshots and hundreds of five-star reviews. On the face of it, it solved a small convenience problem: turn the lamp on and off from...
Read more... →
I’ve spent a lot of time testing biometric systems and threat modelling authentication flows for mobile apps and kiosks. Face biometrics are convenient and increasingly common, but they invite a wide range of “liveness” or spoofing attacks —...
Read more... →
I remember the first time I had to migrate an authentication system for a business unit: months of planning, frantic late-night debugging, and a growing pile of post-it notes stuck to the monitor. Passwords were everywhere—hard-coded in scripts,...
Read more... →
Fine-tuning GPT-style models on proprietary customer data is one of those tasks that promises huge value—better, more contextual outputs; fewer hallucinations for domain-specific prompts; and a competitive edge in automation and support. It’s...
Read more... →
I started auditing third-party npm packages the hard way: by getting burned — a dependency pulled in a small, obfuscated postinstall script that sent environment variables back to a server. Since then I’ve developed a workflow that blends...
Read more... →
I’ve helped small engineering teams move from ad-hoc VPNs and open security groups to a zero-trust networking model that actually scales with a remote-first culture. In practice, zero trust isn’t a single product you buy — it’s a set of...
Read more... →
I’ve spent years helping teams choose and deploy security controls that actually get used — not just tick boxes for compliance. When it comes to multifactor authentication (MFA), the biggest failure isn’t cryptography or standards: it’s...
Read more... →