
SolarWinds hack: Did DOJ know 6 months earlier?
The Department of Justice stays on the down-low: Poster child for software supply chain security? The plot thickens...

The Department of Justice stays on the down-low: Poster child for software supply chain security? The plot thickens...

When deploying a SOAR tool, it's essential to automatically enrich alerts and data to give SOC analysts more context. Here's how data can be enriched, and a few examples of how to do so.

Here's why SBOMs are essential for cybersecurity incident response — and how to put them to work.

The stakes were raised at RSA Conference 2023: A “hot” cyber war in Ukraine, software supply chain attacks on the rise — and let's not forget about artificial intelligence.

Here's what experts say about the CISA initiative's potential impact on software supply chain security — and security operations.

In a ConversingLabs conversation, Charlie Jones of ReversingLabs talks about risk with supply chain attacks, and what development teams can do to spot malware lurking in signed code.

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.

Matt Rose presents at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are highlights from his talk.

The surprising story of the hack of VoIP provider 3CX got even crazier this week. Here's what you need to know.

In a new ReversingLabs Software Supply Chain Risk Survey, IT pros say supply chain security poses an “enterprise-wide” risk that traditional app sec tools can't address.

One software supply chain attack caused another, making it a first for the industry. Also: Malware spreads via apps in the Google Play Store.

Software supply chain security is taking center-stage at RSAC 2023. Here are the talks you don't want to miss.

Secrets are increasingly exposed during software development, creating a field-day for malicious actors. Here are key takeaways from our special report series, Secrets Exposed.

The Python Software Foundation is very, very unhappy with the draft Cyber Resilience Act (CRA) and Product Liability Act (PLA).
Get your 14-day free trial of Spectra Assure for Software Supply Chain Security
Get Free TrialMore about Spectra Assure Free Trial