RL Blog
black hat conference booth announcement

RL @ Black Hat: Here’s what to expect

ReversingLabs is returning to Las Vegas for the annual Black Hat USA conference. We’ve got a lot in store for the show, and you can find all of the details below.

Read More about RL @ Black Hat: Here’s what to expect
RL @ Black Hat: Here’s what to expect
software supply chain security for dummies paperback

'Software Supply Chain Security for Dummies': 3 takeaways for your team

ReversingLabs' new guide is a great starting point for software builders and buyers who are serious about supply chain security.

Read More about 'Software Supply Chain Security for Dummies': 3 takeaways for your team
'Software Supply Chain Security for Dummies': 3 takeaways for your team
wooden blocks with letters spelling high risk

OSC&R's supply chain risk report: 95% of organizations face severe threat

AppSec risk managers and development teams: Take note of the key takeaways — and expert analysis.

Read More about OSC&R's supply chain risk report: 95% of organizations face severe threat
OSC&R's supply chain risk report: 95% of organizations face severe threat
blurry photo rushing down road

9 SecOps talks you don’t want to miss at Black Hat

SecOps pros are in the hot seat. Here are the top 2024 talks that practitioners and leaders can use to stay up to speed on defending their organizations.

Read More about 9 SecOps talks you don’t want to miss at Black Hat
9 SecOps talks you don’t want to miss at Black Hat
three padlocks holding chain together

Secure by Default: Lock down your development for better AppSec

Secure by Design's cousin can help make software more secure out of the box by adding guardrails to development. Here's how it helps — and its limitations.

Read More about Secure by Default: Lock down your development for better AppSec
Secure by Default: Lock down your development for better AppSec
electric engine

The top AppSec Substacks to follow

Rev up your application security and software supply chain security engines by subscribing to these six practitioner-curated Substacks.

Read More about The top AppSec Substacks to follow
The top AppSec Substacks to follow
solid black cube versus black cube with red specks

How RL Spectra Assure Analyzes Reproducible Builds to Find Compromises

Early detection of software build environment tampering is key. Here's how RL's software supply chain security platform delivers this critical pre-release check.

Read More about How RL Spectra Assure Analyzes Reproducible Builds to Find Compromises
How RL Spectra Assure Analyzes Reproducible Builds to Find Compromises
distressed tired man at computer

AppSec alert fatigue: 4 ways to reduce burnout — and boost security

Tool sprawl is making alert fatigue a major problem for teams responsible for application security. Here are four ways to combat it in your organization.

Read More about AppSec alert fatigue: 4 ways to reduce burnout — and boost security
AppSec alert fatigue: 4 ways to reduce burnout — and boost security
computer insides melting like lava

Malicious NuGet campaign uses homoglyphs and IL weaving to fool devs

Malware authors upped their game, using homoglyphs to impersonate a protected NuGet prefix and IL weaving to inject malicious code, RL researchers found.

Read More about Malicious NuGet campaign uses homoglyphs and IL weaving to fool devs
Malicious NuGet campaign uses homoglyphs and IL weaving to fool devs
upgrade word in dictionary

The state of DevSecOps: Why upgrading your AppSec tooling is essential

Here's what's holding DevSecOps back — and why modernizing your application security tooling is critical in the software supply chain security era.

Read More about The state of DevSecOps: Why upgrading your AppSec tooling is essential
The state of DevSecOps: Why upgrading your AppSec tooling is essential
deep dive the new gartner report

Three Pillars to Strengthen Software Supply Chain Security

In a new report, Gartner® is redefining software supply chain security and calling on enterprises to make some big changes.

Read More about Three Pillars to Strengthen Software Supply Chain Security
Three Pillars to Strengthen Software Supply Chain Security
polyfill supply chain attack

The Polyfill.io vulnerability: Software supply chain attack lessons

The compromise of the widely used Polyfill.io CDN contains important lessons for organizations on trust.

Read More about The Polyfill.io vulnerability: Software supply chain attack lessons
The Polyfill.io vulnerability: Software supply chain attack lessons
team stacking their hands

OASIS Open's push for a software supply chain standard: All together now?

The aim is to build a unifying framework incorporating existing SBOM data models, including CSAF, CycloneDX, OpenVEX, and SPDX. Experts weigh in with key insights.

Read More about OASIS Open's push for a software supply chain standard: All together now?
OASIS Open's push for a software supply chain standard: All together now?
spectra assure community landing page

New Portal Helps Devs Spot Malicious Open Source Packages

RL's Spectra Assure Community offers free comprehensive risk assessment of more than 5 million npm, PyPi, and RubyGems packages.

Read More about New Portal Helps Devs Spot Malicious Open Source Packages
New Portal Helps Devs Spot Malicious Open Source Packages
npm cube ai

Malicious npm package targets AWS users

The history of the package is a lesson in why tracking open source threats is such a challenge — and highlights the value of RL's new Spectra Assure Community.

Read More about Malicious npm package targets AWS users
Malicious npm package targets AWS users
Previous1...212223...58Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Why RL Built Spectra Assure Community

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.

Read More about Why RL Built Spectra Assure Community
Why RL Built Spectra Assure Community

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outGET THE REPORT
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
EventsBlack Hat 2026
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top