ReversingLabs

John P. Mello Jr.

Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.

find John P. Mello Jr. on:

Posts from John P. Mello Jr.

November 26, 2024

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

November 13, 2024

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and other agencies recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

old fashioned analog sign saying team building

October 31, 2024

NIST's NICE: 3 ways to adapt the hiring framework for modern threats

NICE is designed to help leaders build better cybersecurity teams. Here's how to put it to work in the software supply chain security era.

October 22, 2024

OWASP's Dependency-Track tool update: Key changes — and limitations

Here's what you need to know about the version 4.12.0 update — and about managing risk from your software, whether it's open source or not.

October 15, 2024

AI and cybersecurity: Modernize your SecOps to tackle today's threats

Here are highlights from Caleb Sima's recent BSides and RVAsec talks — and expert insights on how AI can help deal with today's threats head-on.

three fit men working out with kettlebells

October 2, 2024

The best cybersecurity certifications to level up your skills

With the threat landscape shifting, boosting your market value requires choosing the right certs. Here's what you need to know.

wooden block letters scattered with the word chaos spelled in the center

September 24, 2024

Modernize your chaos engineering with commercial software transparency

By leveraging modern supply chain security, you can develop better chaos engineering with deeper visibility into all software. Here are key considerations.

September 17, 2024

Go beyond the checkbox: How software bills of materials can manage risk

SBOMs are a good start — but modern software supply chain security tooling is needed to make them effective, experts say.

September 5, 2024

Supply chain risk makes software stack visibility essential

IT GRC Forum expert panel: Get back to basics and put your SBOMs to work for better software security. Here are key takeaways.