Why you should get out in front of software security requirements
Get out in front of new compliance requirements for a competitive advantage. Here's what your software organization needs to know.
Why you should get out in front of software security requirements
The CircleCI secrets hack: A red flag on software supply chain risk
Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident.
ReversingLabs Threat Analysis and Hunting Solution January 2023 Update: Driving SecOps Forward
Learn how your organization can reduce cyber risks (as well as operational workload and tool costs) while ensuring data and file privacy. Plus, explore how your security team can reduce MTTD and prioritize malicious files for triage.
App sec and the supply chain: Work in tandem with engineers to achieve true software security
Application security is foundational to the software supply chain security ecosystem. But it takes a village. Derek Fisher explains in this fireside chat with Matt Rose.
The Week in Security: When AI attacks, ChatGPT lowers the bar for developing malware
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
ReversingLabs Elastic Threat Infrastructure Update: Integration, Automation for SOC Teams
...
If you don't love me now: JsonWebToken could break the software supply chain (again)
The JsonWebToken library has a flaw that could have lead to remote code execution (RCE).
Danger: Researchers exploit gaps in connected vehicle software supply chain
Researchers compromised source code and development infrastructure for Mercedes-Benz and SiriusXM Connected Vehicle Services, raising security concerns.
After hack, CircleCI tells devs to update secrets now
In this latest attack on software development environments, the CircleCI platform may have exposed secrets used by millions of software developers.
Shift the SOC left: Why you should integrate DevOps with SecOps
The collaboration between SOCs and software development teams is essential to taking on the challenge of software supply chain attacks. Here's why.
How to harden machine learning models against adversarial attacks
As attacks become more sophisticated, it is imperative to harden machine learning (ML) models and reduce the adversary’s ability to evade detection.
The Week in Security: Ransomware attacks close out 2022 with a bang, PyTorch compromise explored
Welcome to 2023’s first edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
.webp&w=3840&q=75)
PyTorch supply chain attack: Dependency confusion burns DevOps
A classic dependency confusion attack revealed itself last week.
10 software supply chain attacks you can learn from
Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable software supply chain attacks.
The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPi moduel poses as security SDK
Welcome to the latest edition of The Week in Security, which brings you the latest headlines across the full stack of security: application security; cybersecurity; and beyond.