When using AI tools including GitHub Copilot, your security team must be aware of — and protect against — certain risks. Here are the top considerations.
Read More about Secure your AI development tools: 4 key questions to ask
Here's what development and application security teams need to know about using attack trees in combination with threat modeling to lock down their software.
Read More about Lessons in threat modeling: How attack trees can deliver AppSec by design
The U.S., U.K., Canada and eight partner countries have disrupted the LockBit ransomware group. Here are the key takeaways, along with expert insights. Carolynn van Arsdale
Read More about Operation Cronos and the LockBit takedown: What we know
Learn why cybersecurity hero culture is a problem — and how companies can avoid its negative effects and develop more resilient security operations.
Read More about 4 ways hero culture is killing your security program's effectiveness
RL discovered two malicious packages and a subsequent larger campaign, showing that the approach is an emerging software supply chain attack method.
Read More about Attackers leverage PyPI to sideload malicious DLLs
"The Growing Complexity of Securing the Software Supply Chain" report highlights key challenges for application security teams. Here's what you need to know.
Read More about 5 key takeaways from ESG's software supply chain complexity report
2023 was a big year for software security. Here are the key lessons from last year's major attacks to learn from.
Read More about 5 notable supply chain compromises
Let’s band together for the love of security
Read More about Meet the New RL Partner Program
Do you trust your AppSec? Upgrade your approach with binary analysis — the next generation of tooling for the era of software supply chain security.
Read More about Upgrade your AppSec for a new era
Drive down both mean time to detect and mean time to respond in your SOC.
Read More about Increase Your SIEM and SOAR ROI with ReversingLabs
Unveiling the Hidden Threats: Enhancing Email Security with Object-Level Analysis
Read More about How to Stop Phishing Attacks Being Missed
With the rise in attacks, U.S. agencies have been busy crafting policy to tackle the problem. Here are the major initiatives and mandates that matter.
Read More about Definitive timeline: Federal guidance on software supply chain security
This latest incident underscores the continuing risks to organizations posed by both third-party software and leaks of development secrets.
Read More about The Cloudflare source code breach: Lessons learned
CISOs today need to act and be treated more like CFOs. Here's what they need to know — and why they should seize the day and prioritize security.
Read More about CISO accountability in the era of software supply chain attacks
Here's what we know about the automaker's latest secrets breach — and lessons your security team can draw from it.
Read More about Lessons from the Mercedes-Benz GitHub source code leak