Blog | ReversingLabs | John P. Mello Jr. (2)

April 16, 2024

OWASP's LLM AI Security & Governance Checklist: 13 action items for your team

The new checklist is organized into 13 areas of analysis. Here's what your security team needs to know about the most important points from each.

April 10, 2024

The state of secrets security: 7 action items for better managing risk

The Circle CI breach made secrets security front of mind. Now AI and low-code are introducing more risk. Here are key takeaways for managing secrets risk.

March 21, 2024

Memory-safe languages and security by design: Key insights, lessons learned

Memory safety is one of the most stubborn and dangerous software weaknesses. Here are key insights and takeaways from a new Google report on the issue.

March 13, 2024

Gartner outlines top cybersecurity trends — and (spoiler alert) AI is No. 1

Here's a rundown of the top cybersecurity trends of this year — and what your team needs to know about them. AI, for one, has pros and cons for security.

March 6, 2024

NIST CSF 2.0: Better risk management for the new era of supply chain security

NIST's Cybersecurity Framework 2.0 has been released, complete with a new focus on software supply chain security. Here are key takeaways for your team.

March 5, 2024

NIST updates supply chain guidance: 3 ways to pump up your CI/CD security

The National Institute of Standards and Technology has beefed up its guidelines for securing CI/CD environments. Are you ready to bulk up your program?

February 29, 2024

All SBOMs are not created equal: What's required for them to be effective

Here are key challenges with SBOMs, how tools affect their usefulness — and what it will take to make them effective at software supply chain security.

February 27, 2024

Lessons in threat modeling: How attack trees can deliver AppSec by design

Here's what development and application security teams need to know about using attack trees in tandem with threat modeling to lock down their software.

February 15, 2024

Complexity and software supply chain security: 5 key survey takeaways

A new report from Enterprise Strategy Group highlights key challenges stemming from the complexity of modern software development. Here are key takeaways.

February 14, 2024

5 software supply chain attacks you can learn from

2023 was a big year for software security. Here are the key takeaways from last year's major attacks that will help you get out in front of risk in 2024.

February 8, 2024

OWASP Top 10 for LLM 2.0: 3 key AppSec focus areas emerge

A survey of practitioners drove key areas of focus for the vulnerability list for AI models: data privacy, safety and bias, and mapping of vulnerabilities.

January 9, 2024

Zoom joins the vulnerability fray: Will VISS move the needle on AppSec?

Here's what you need to know about Zoom's Vulnerability Impact Scoring System, how it compares to EPSS — and how it can advance your application security.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

OWASP's LLM AI Security & Governance Checklist: 13 action items for your team

The state of secrets security: 7 action items for better managing risk

Memory-safe languages and security by design: Key insights, lessons learned

Gartner outlines top cybersecurity trends — and (spoiler alert) AI is No. 1

NIST CSF 2.0: Better risk management for the new era of supply chain security

NIST updates supply chain guidance: 3 ways to pump up your CI/CD security

All SBOMs are not created equal: What's required for them to be effective

Lessons in threat modeling: How attack trees can deliver AppSec by design

Complexity and software supply chain security: 5 key survey takeaways

5 software supply chain attacks you can learn from

OWASP Top 10 for LLM 2.0: 3 key AppSec focus areas emerge

Zoom joins the vulnerability fray: Will VISS move the needle on AppSec?

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports