CVEs lose relevance: Get proactive — and think beyond vulnerabilities
More cracks in the NVD emerge, making the CVE system less useful. Shift your approach to keep up with software risk.
Carolynn van Arsdale
Writer, ReversingLabs. Carolynn is a reporter, writer, and researcher in the cybersecurity space. She has written for several publications, such as The Security Ledger and Security Boulevard. She has been involved in podcast and event production, and now produces ConversingLabs, a ReversingLabs podcast. Prior to joining ReversingLabs, Carolynn held communication roles in the non-profit and higher education spaces. Her official title at ReversingLabs is Manager, Content Marketing.
Posts from Carolynn van Arsdale
CVEs lose relevance: Get proactive — and think beyond vulnerabilities
Crypto malware attacks: 23 supply chain incidents set off alarms
Target on back-alert: Open source was increasingly exploited in attacks on cryptocurrency infrastructure and apps in 2024.
The year in ransomware: Security lessons to help you stay one step ahead
Ransomware kept its stride in 2024. In 2025, threat actors are moving toward targeting key parts of the software supply chain. Here are key lessons.
OSS in the crosshairs: Cryptomining hacks highlight key new threat
Hacks of rspack, vant highlight the growing trend of cryptomining compromises spreading via top open-source packages.
Why shift left alone can't manage your software risk
The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.
CISA SBOM-a-rama: 4 key takeaways for software security teams
The Cybersecurity and Infrastructure Security Agency held its semiannual workshop on software bills of materials recently. Here's what you need to know.
A long history: What’s next for software bills of materials is what matters
Beau Woods discusses the history of the SBOM, from its humble beginnings to its use today — and efforts to modernize it. Here are key highlights from the interview.
What’s in your commercial software?
RL’s Saša Zdjelar joined 'The Cyber Ranch Podcast' to discuss why organizations need to better scrutinize the software they use. Here are the key takeaways.
.webp&w=3840&q=75)
Secure by Demand: Key takeaways for enterprise software buyers
CISA has released an add-on to its supply chain security initiative Secure by Design, with a focus on commercial software. Here’s what you need to know.