Blog | ReversingLabs | John P. Mello Jr.

July 25, 2024

OSC&R report: 95% of organizations face severe software supply chain risk

The report's revelations are important for AppSec risk managers and development teams alike. Here are the key takeaways — and expert analysis.

July 23, 2024

Secure by Default: Lock down your development for better AppSec

Secure by Design's cousin can help make software more secure out of the box by adding guardrails to development. Here's how it helps — and its limitation

June 27, 2024

OASIS Open's push for a software supply chain standard: All together now?

The aim is to build a unifying framework for existing SBOM data models, including CSAF, CycloneDX, OpenVEX, and SPDX. Experts weigh in with key insights.

June 25, 2024

How platform engineering helps you get a good start on Secure by Design

Self-service portals for developers can help organizations overcome challenges to getting off and running with CISA's software security initiative.

June 12, 2024

Why malware matters most: 6 ways to foil software threats faster

Making malware enemy No. 1 should be a top priority for AppSec teams. Here's why you need to shift your team's focus from vulnerabilities to malware.

June 4, 2024

9 best practices for leveraging threat intelligence in your security operations

Cyber Threat Intelligence (CTI) can bolster your SecOps with actionable info — if you choose wisely. Here's how to get started, and what you need to know.

May 30, 2024

NSA's zero-trust maturity for AppSec: What you need to know

The new initiative aims to help teams secure application access — and ensure continuous visibility of its workload. Experts weigh in with key insights.

May 28, 2024

The state of AppSec: Are we getting ahead of attackers — or falling behind?

Is application security advancing fast enough to keep up with the threat posed by the rise of software supply chain attacks? SMEs weigh in with insights.

May 21, 2024

Will CISA's Secure by Design pledge be a catalyst for better software security?

The push to take the pledge depends on peer pressure. With support from more than 60 companies, however, CISA hopes the industry will follow the leaders.

May 16, 2024

When it comes to threat modeling, not all threats are created equal

With inherent threats, which are core to the system being modeled, protective measures cannot be perfect or complete. Here's how to best manage that.

May 8, 2024

CI/CD pipelines and the cloud: Are your development secrets at risk?

Combined with cloud service providers' CLIs, continuous delivery/continuous integration can pose a threat. Here's why — and how to keep a lid on secrets.

April 18, 2024

OWASP looks to future-proof SBOMs with CycloneDX 1.6

The foundation is upgrading the standard for the quantum era, adding ML-readable attestation and more. Here's how it boosts software supply chain security.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

John P. Mello Jr.

Recent Posts from John P. Mello Jr.

OSC&R report: 95% of organizations face severe software supply chain risk

Secure by Default: Lock down your development for better AppSec

OASIS Open's push for a software supply chain standard: All together now?

How platform engineering helps you get a good start on Secure by Design

Why malware matters most: 6 ways to foil software threats faster

9 best practices for leveraging threat intelligence in your security operations

NSA's zero-trust maturity for AppSec: What you need to know

The state of AppSec: Are we getting ahead of attackers — or falling behind?

Will CISA's Secure by Design pledge be a catalyst for better software security?

When it comes to threat modeling, not all threats are created equal

CI/CD pipelines and the cloud: Are your development secrets at risk?

OWASP looks to future-proof SBOMs with CycloneDX 1.6

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

John P. Mello Jr.

Recent Posts from John P. Mello Jr.

Topics

Follow us

Subscribe

Special Reports