ReversingLabs Blog

Paul Roberts

Paul Roberts

Cyber Content Lead at ReversingLabs. Paul is a reporter, editor and industry analyst with 20 years’ experience covering the cyber security space. He is the founder and editor in chief at The Security Ledger, a cybersecurity news website. His writing about cyber security has appeared in publications including Forbes, The Christian Science Monitor, MIT Technology Review, The Economist Intelligence Unit, CIO Magazine, ZDNet and Fortune Small Business. He has appeared on NPR’s Marketplace Tech Report, KPCC AirTalk, Fox News Tech Take, Al Jazeera and The Oprah Show. You can find Paul online on Twitter (@paulfroberts and on LinkedIn).

Recent Posts from Paul Roberts

November 16, 2023

Protestware taps npm to call out wars in Ukraine, Gaza

ReversingLabs researchers have discovered npm packages that hide scripts broadcasting messages of peace related to the conflicts in Ukraine and in Israel and the Gaza Strip.
September 20, 2023

The art of security chaos engineering

What if dev and app sec teams showed the same nimbleness and ruthless efficiency as cybercriminals? Fastly's Kelly Shortridge explains why it's essential.
August 15, 2023

6 things you may have missed at Hacker Summer Camp

Black Hat, DEF CON, and BSides (Hacker Summer Camp) is known for being information-overload for cybersecurity leaders and practitioners. Here are the sessions that stand out.
August 7, 2023

8 Black Hat sessions you don’t want to miss

Black Hat USA is a showcase for top security experts and companies. Here's our short list of must-see sessions for 2023.
July 27, 2023

More malicious npm packages found in wake of JumpCloud supply chain hack

ReversingLabs researchers uncovered evidence of more malicious npm packages beyond those already disclosed — and conclude that the attack is still active.
July 17, 2023

Federal CI/CD security guidance: Been there, done that

CISA and NSA issued security guidance on continuous integration/continuous delivery environments — but missed an opportunity to escalate the conversation.
June 15, 2023

CISA SBOM-a-rama tackles challenges: 5 key takeaways

The challenges — and also the promise — of software bills of materials were on display Wednesday as CISA hosted SBOM-a-rama. Here are five key takeaways.
June 12, 2023

Self-attestation: What software teams need to know

Software vendors who do business with the federal government now have to prove they are practicing basic supply chain security. Here are the requirements.
May 25, 2023

Q&A with ReversingLabs COO Peter Doggart: With software supply chain security, 'your brand is at stake'

The new Chief Operating Officer at ReversingLabs, Peter Doggart, talks about the challenge of securing software supply chains — and the promise ReversingLabs offers.
May 23, 2023

Red teaming a country: Lessons learned from Sakura Samurai's Indian government hack investigation

John Jackson and his Sakura Samurai crew took India up on an invitation to test the security of government websites and apps. Here are the lessons learned.
May 10, 2023

What’s behind SBOM skepticism? One word: Fear

In this ConversingLabs talk, Josh Corman, founder of I Am The Cavalry, explains what’s behind industry skepticism around software bills of materials.
May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.


Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs: The State of Open Source Software Security ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain