Blog | ReversingLabs | Carolynn van Arsdale

Carolynn van Arsdale

Writer, ReversingLabs. Carolynn is a reporter, writer, and researcher in the cybersecurity space. She has written for several publications, such as The Security Ledger and Security Boulevard. She has been involved in podcast and event production, and now produces ConversingLabs, a ReversingLabs podcast. Prior to joining ReversingLabs, Carolynn held communication roles in the non-profit and higher education spaces. Her official title at ReversingLabs is Manager, Content Marketing.

Find Carolynn van Arsdale on: Twitter LinkedIn

April 25, 2025

What is the xBOM?

Understand the difference between the SBOM and xBOM — and how it impacts software supply chain security.

April 24, 2025

Verizon 2025 DBIR: Third-party software risk takes the spotlight

The latest Data Breach Investigations Report (DBIR) marks the shift seen more broadly — to third-party risk. Here’s what you need to know.

April 8, 2025

The race to secure the AI/ML supply chain is on — get out front

Supply chain risks from artificial intelligence (AI) and machine learning (ML) are getting real. Here are key insights from RL’s new report.

April 2, 2025

CVEs lose relevance: Get proactive — and think beyond vulnerabilities

More cracks in the NVD emerge, making the CVE system less useful. Shift your approach to keep up with software risk.

March 25, 2025

Crypto malware attacks: 23 supply chain incidents set off alarms

Target on back-alert: Open source was increasingly exploited in attacks on cryptocurrency infrastructure and apps in 2024.

December 20, 2024

OSS in the crosshairs: Cryptomining hacks highlight key new threat

Hacks of rspack, vant highlight the growing trend of cryptomining compromises spreading via top open-source packages.

December 20, 2024

The year in ransomware: Security lessons to help you stay one step ahead

Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.

December 2, 2024

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

September 18, 2024

CISA SBOM-a-rama: 4 key takeaways for software security teams

CISA held its semi-annual workshop on software bills of materials (SBOMs) last week. Here are key takeaways your application security team needs to know.

September 12, 2024

A long history: What’s next for software bills of materials is what matters

Beau Woods explores the history of the SBOM, from its humble beginnings, to use today — and efforts to modernize it. Here are key highlights from the chat.

September 11, 2024

What’s in your commercial software?

RL’s Saša Zdjelar joined The Cyber Ranch Podcast to discuss why organizations need to better scrutinize commercial software. Here are the key takeaways.

August 8, 2024

Secure by Demand: Key takeaways for enterprise software buyers

CISA has released an add-on to its supply chain security initiative Secure by Design, with a focus on commercial software. Here’s what you need to know.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Carolynn van Arsdale

Recent Posts from Carolynn van Arsdale

What is the xBOM?

Verizon 2025 DBIR: Third-party software risk takes the spotlight

The race to secure the AI/ML supply chain is on — get out front

CVEs lose relevance: Get proactive — and think beyond vulnerabilities

Crypto malware attacks: 23 supply chain incidents set off alarms

OSS in the crosshairs: Cryptomining hacks highlight key new threat

The year in ransomware: Security lessons to help you stay one step ahead

Why shift left alone can't manage your software risk

CISA SBOM-a-rama: 4 key takeaways for software security teams

A long history: What’s next for software bills of materials is what matters

What’s in your commercial software?

Secure by Demand: Key takeaways for enterprise software buyers

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Carolynn van Arsdale

Recent Posts from Carolynn van Arsdale

Topics

Follow us

Subscribe

Special Reports