Why shift left alone can't manage your software risk
The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.
Carolynn van Arsdale
Writer, ReversingLabs. Carolynn is a reporter, writer, and researcher in the cybersecurity space. She has written for several publications, such as The Security Ledger and Security Boulevard. She has been involved in podcast and event production, and now produces ConversingLabs, a ReversingLabs podcast. Prior to joining ReversingLabs, Carolynn held communication roles in the non-profit and higher education spaces. Her official title at ReversingLabs is Manager, Content Marketing.
Posts from Carolynn van Arsdale
Why shift left alone can't manage your software risk
CISA SBOM-a-rama: 4 key takeaways for software security teams
The Cybersecurity and Infrastructure Security Agency held its semiannual workshop on software bills of materials recently. Here's what you need to know.
A long history: What’s next for software bills of materials is what matters
Beau Woods discusses the history of the SBOM, from its humble beginnings to its use today — and efforts to modernize it. Here are key highlights from the interview.
What’s in your commercial software?
RL’s Saša Zdjelar joined 'The Cyber Ranch Podcast' to discuss why organizations need to better scrutinize the software they use. Here are the key takeaways.
.webp&w=3840&q=75)
Secure by Demand: Key takeaways for enterprise software buyers
CISA has released an add-on to its supply chain security initiative Secure by Design, with a focus on commercial software. Here’s what you need to know.
'Software Supply Chain Security for Dummies': 3 takeaways for your team
ReversingLabs' new guide is a great starting point for software builders and buyers who are serious about supply chain security.
The Polyfill.io vulnerability: Software supply chain attack lessons
The compromise of the widely used Polyfill.io CDN contains important lessons for organizations on trust.
How to assess and manage commercial software risk
Major attacks show that commercial software is the principal attack surface. Here’s why – and how your team can mitigate its risks.
What you missed at RSA Conference 2024: Key trends and takeaways
Here are the highlights that practitioners and leaders should know if they skipped last week's RSAC, the mother of all cybersecurity shows.