
ReversingLabs Blog

November 30, 2023

The AI executive order: What AppSec teams need to know

While the new White House EO is largely focused on foundational AI, security teams reviewing AI initiatives are still in the hot seat.
November 22, 2023

Don't let CVEs distract you: Shift your AppSec team's focus to malware

Rather than wasting cycles on vulnerabilities, teams should focus on exploitability, and look for compromises including malware and tampering. Here's why.
November 22, 2023

How legacy AppSec is holding back Secure by Design

Legacy development patterns and testing tools are holdovers from a more reactive type of AppSec. Here's why that's a problem — and how to move forward.
November 22, 2023

ReversingLabs Launches Software Supply Chain Security Availability in AWS Marketplace

ReversingLabs software supply chain security will be available directly through AWS Marketplace, improving how your team can fortify your application security.
November 16, 2023

Protestware taps npm to call out wars in Ukraine, Gaza

ReversingLabs researchers have discovered npm packages that hide scripts broadcasting messages of peace related to the conflicts in Ukraine and in Israel and the Gaza Strip.
November 15, 2023

Zero trust and threat modeling: Is it time for AppSec to get on board?

Is it time for zero trust-based threat modeling for your AppSec? Understand the benefits and challenges.
November 14, 2023

8 CI/CD security best practices: Protect your software pipeline

Don't neutralize CI/CD business gains by failing to account for risk. Here are eight best practices to ensure your software development pipeline is secure.
November 9, 2023

AI needs transparency: How supply chain security tools can protect ML models

Supply-chain Levels for Software Artifacts (SLSA) and Sigstore are a good first step toward protecting ML models from attack. But they're not a panacea.
November 7, 2023

OWASP Top 10 for LLM update bridges the gap between AppSec and AI

Generative AI is advancing at a breakneck pace. Here's a full rundown for your development and app sec teams to keep it from breaking your org's back.
November 6, 2023

TitaniumCloud app for Splunk SOAR updated

Version 1.2.0 of RL's TitaniumCloud app for Splunk SOAR adds new actions for network reputation lookups.
November 3, 2023

The Power of Complex Binary Analysis

Powered by the industry-leading complex static binary analysis technology, ReversingLabs TitaniumCore delivers critical visibility into files, malware, and software necessary to stand up to the most advanced cybersecurity attacks.
November 1, 2023

5 best practices for putting SBOMs to work with CI/CD

SBOMs are essential — but making them useful is tricky in continuous integration/continuous deployment environments. Here are the key best practices.


ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain