Blog | ReversingLabs (13)

June 26, 2024

Malicious npm package targets AWS users

The package's history is a lesson in why tracking open source threats is such a challenge — and highlights the value of RL's new Spectra Assure Community.

June 26, 2024

New Portal Helps Devs Spot Malicious Open Source Packages

RL's Spectra Assure Community offers free comprehensive risk assessment of more than 5 million npm, PyPi, and RubyGems packages.

June 25, 2024

How platform engineering helps you get a good start on Secure by Design

Self-service portals for developers can help organizations overcome challenges to getting off and running with CISA's software security initiative.

June 25, 2024

The Power of Complex Binary Analysis

RL Spectra Assure’s complex binary static analysis delivers critical visibility into software to flag malware and threats, closing the supply chain security gap.

June 20, 2024

How to secure mergers & acquisitions from software supply chain attacks

When engaging in M&A, acquiring firms often inherit a software stack that presents security concerns. Here’s how you can effectively manage these risks.

June 18, 2024

Top cybersecurity Substacks to follow

Get up to speed on the state of security operations and related cybersecurity practices by subscribing to these 10 expert-curated Substacks.

June 12, 2024

Why malware matters most: 6 ways to foil software threats faster

Making malware enemy No. 1 should be a top priority for AppSec teams. Here's why you need to shift your team's focus from vulnerabilities to malware.

June 11, 2024

Verizon DBIR 2024: The rise in software supply chain attacks explained

Verizon's DBIR marked a dramatic shift in threats. Learn about it from Verizon — and how to get ahead of software supply chain risk — in the Webinar.

June 10, 2024

How to assess and manage commercial software risk

Major attacks show that commercial software is the principal attack surface. Here’s why – and how your team can mitigate its risks.

June 6, 2024

Listen up: 10 cybersecurity podcasts you can learn from

Get up to speed on all things cybersecurity by subscribing to these knowledge-dropping podcasts. You're welcome.

June 5, 2024

Python downloader highlights noise problem in open source threat detection

RL discovered what appeared to be a malicious downloader on PyPI. It turned out to be red teaming — but highlights a growing problem for threat detection.

June 4, 2024

9 best practices for leveraging threat intelligence in your security operations

Cyber Threat Intelligence (CTI) can bolster your SecOps with actionable info — if you choose wisely. Here's how to get started, and what you need to know.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

Malicious npm package targets AWS users

New Portal Helps Devs Spot Malicious Open Source Packages

How platform engineering helps you get a good start on Secure by Design

The Power of Complex Binary Analysis

How to secure mergers & acquisitions from software supply chain attacks

Top cybersecurity Substacks to follow

Why malware matters most: 6 ways to foil software threats faster

Verizon DBIR 2024: The rise in software supply chain attacks explained

How to assess and manage commercial software risk

Listen up: 10 cybersecurity podcasts you can learn from

Python downloader highlights noise problem in open source threat detection

9 best practices for leveraging threat intelligence in your security operations

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports