ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

The RSA Conference brings some of the brightest minds in information security together in one place.

How to build trust in a zero-trust environment: Security leaders share insights

5 CI/CD breaches analyzed: Why you need to update your software security

Omer Gil and Daniel Krivelevich outlined the top CI/CD security risks at RSA Conference 2022. Here's what your software security team needs to know.

Survey finds software supply chain security top of mind for dev teams — but tampering detection lags

A survey of more than 300 technology professionals found widespread concern about supply chain attacks, but only sporadic efforts to detect such attacks.

Taking the quiz: Are you up to speed on supply chain risk?

ReversingLabs delivered a game-show style review of its survey on software supply chain security at RSA Conference. Here are the questions and answers.

MITRE’s System of Trust: A standard for software supply chain security

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.

What’s hot at #RSAC? Our picks for the big security show

It's two years in, and COVID is still threatening to steal RSA Conference's mojo. But for those willing to brave Moscone in San Francisco (and those attending virtually), you won’t be disappointed. Here are our picks for must-see talks.

Go below the surface on tampering: The trouble with software integrity validation

The growing number of software supply chain attacks is putting pressure on validation of software integrity and authenticity.

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret

Coinminer and npm: What you see is not always what you get

Package repository content can be different from source code repository content. Here's what your software team needs to know.

Software supply chain risk demands our attention

Software supply chain attacks are a top concern. But tools for monitoring and stopping them lags. Meet ReversingLabs' new platform: secure.software.

Pandemic paradigm shift: CISOs say remote workforce a game-changer, leading to burnout

Chief Information Security Officers from energy, finance, and retail sectors reflect on new security challenges–and CISO burnout.

From the Labs: YARA Rule for Detecting Malware Wipers

ReversingLabs’ team of threat analysts have released new YARA detection rules for malware wipers discovered targeting Ukraine. We break them down for you here.

Happy anniversary? An assessment of the Cybersecurity EO one year on

One year ago today, the White House released an executive order regarding improving the nation’s cybersecurity (a.k.a. EO 14028). Here's where things stand.

Update: NPM dependency confusion hacks target German firms

Research by ReversingLabs suggests that dependency confusion attacks on npm repositories have been used to compromise German firms - exposing an apparent red team exercise.