Webinar | Delivering Threat Analysis Beyond VirusTotal's Reach
Save Your Seat
ReversingLabs is the #1 Alternative to VirusTotal
Learn Why
New White Paper | The Monsters in Your Software Supply Chain
Read Now

ReversingLabs Blog

Ericka Chickowski

Ericka Chickowski
Award-winning freelance writer. Ericka Chickowski's writings on business and technology have appeared in dozens of trade and consumer magazines, including Entrepreneur, Consumers Digest, Channel Insider, CIO Insight, Dark Reading, DevOps.com and InformationWeek. She's made it her specialty to explain in plain English how technology trends affect real people.

Recent Posts from Ericka Chickowski

How legacy AppSec is holding back Secure by Design
November 22, 2023

How legacy AppSec is holding back Secure by Design

Legacy development patterns and testing tools are holdovers from a more reactive type of AppSec. Here's why that's a problem — and how to move forward.
Read More
8 CI/CD security best practices: Protect your software pipeline
November 14, 2023

8 CI/CD security best practices: Protect your software pipeline

Don't neutralize CI/CD business gains by failing to account for risk. Here are eight best practices to ensure your software development pipeline is secure.
Read More
App sec prioritization is priority No. 1 for CISOs
October 25, 2023

App sec prioritization is priority No. 1 for CISOs

Application security veterans Mark Curphey and John Viega went on a CISO listening tour. Here is what they learned.
Read More
Threat modeling and the supply chain: An essential tool for managing risk across the SDLC
September 21, 2023

Threat modeling and the supply chain: An essential tool for managing risk across the SDLC

Here's what your team needs to understand about threat modeling and software supply chain security — a critical mapping of risk. 
Read More
Supply chain security: Is technical debt weighing your team down?
August 23, 2023

Supply chain security: Is technical debt weighing your team down?

Vulnerability management and piecemeal app sec testing are like paying the interest only on mounting security technical debt. Where do you stand?
Read More
Risk modeling initiative aims to expose the 'hiddenness of knowledge' in the supply chain
August 21, 2023

Risk modeling initiative aims to expose the 'hiddenness of knowledge' in the supply chain

GUAC-ALYTICs will model risk across open source software supply chain interdependencies using a new algorithmic engine. Here's what you need to know.
Read More
AI and the software supply chain: Application security just got a whole lot more complicated
July 24, 2023

AI and the software supply chain: Application security just got a whole lot more complicated

In addition to the extensive list of components in today's software, AI relies on open source AI models and training data. What could possibly go wrong?
Read More
5 reasons why cyber attackers love developers
June 26, 2023

5 reasons why cyber attackers love developers

Hackers are having a field day targeting developers with supply chain attacks, which open doors to other compromises. Here's why — and what to do about it.
Read More
5 AI threats keeping SOC teams up at night
June 5, 2023

5 AI threats keeping SOC teams up at night

Here are five AI threats that your security operations team should be planning and budgeting for if you want to stay ahead of the emerging threat with AI.
Read More
7 obstacles to SBOM success
May 16, 2023

7 obstacles to SBOM success

The path to success for software bills of materials is riddled with hurdles. Experts explain key factors that could threaten your SBOM investments.
Read More
How to operationalize SBOMs for incident response
May 2, 2023

How to operationalize SBOMs for incident response

Learn why Software Bills of Materials are essential for cybersecurity incident response — and how to put them to work.
Read More
Why 'shift left' is now a dirty term in some security circles
April 11, 2023

Why 'shift left' is now a dirty term in some security circles

Here's why some security practitioners question the term "shift left" — and what they think application security teams should focus on instead.
Read More

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs: The State of Open Source Software Security ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain