What’s in your commercial software?
RL’s Saša Zdjelar joined 'The Cyber Ranch Podcast' to discuss why organizations need to better scrutinize the software they use. Here are the key takeaways.
What’s in your commercial software?
Fake recruiter coding tests target devs with malicious Python packages
RL found the VMConnect campaign continuing with malicious actors posing as recruiters, using packages and the names of financial firms to lure developers.
Supply chain risk makes software stack visibility essential
IT GRC Forum expert panel: Get back to basics and put your SBOMs to work for better software security. Here are key takeaways.
Coordinate Your Software Supply Chain Security With Shareable Spectra Assure SAFE Reports
The ReversingLabs Spectra Assure SAFE Report brings readily digestible visibility to software supply chain threats and collaboration for effective risk management.
Secure by Demand: Going Beyond Questionnaires & Software Bills of Materials
Enterprise buyers need direct, verifiable evidence of software security. Here's why your organization needs to trust, but verify.
EPSS and vulnerability management: New scoring system shows promise
The Exploit Prediction Scoring System performs better than CISA's KEV and CVSS scores for vulnerabilities in the wild — but combining all three works best.
Do cybersecurity certifications still deliver? Experts share 6 key insights
With AI and the shift from the perimeter to the software supply chain as a primary attack vector, are certifications still relevant? Here's what top experts say.
With quantum coming, NIST readies new software supply chain protection
The Post Quantum Cryptography program aims to bolster key components such as public-key algorithms. Here's a full rundown.
Think Log4j is a wrap? Think again.
Here's what you need to know about why the Log4j flaw, Log4Shell, remains a threat — and how to protect your organization with a modern software security approach.
Cybersecurity's workforce woes are a myth: 5 ways to rethink recruiting
Leaders say a cybersecurity talent shortage is a myth — instead, it's a plain old hiring and training gap. And the industry is making the problem worse.
5 SecOps automation challenges — and how to overcome them
Here are the key trends driving SecOps automation, its numerous benefits — and the main challenges organizations face when automating their SOC.
Hacker Summer Camp: Reboot needed to tackle software supply chain threats
Leaders from the private sector and government called for a rethink of outdated security tools and practices in an age of API-driven services and AI.
.webp&w=3840&q=75)
Secure by Demand: Key takeaways for enterprise software buyers
CISA has released an add-on to its supply chain security initiative Secure by Design, with a focus on commercial software. Here’s what you need to know.
RL Spectra Advanced File Analysis and Malware Detection Suite Updates
Announcing ReversingLabs Spectra Analyze version 9.1 and Spectra Detect version 5.1
Software complexity is a real problem — and your AppSec must factor that in
Software complexity causes many challenges. Here are the key problem areas — and how to overcome the hurdles with a modern supply chain security approach.