RL Blog
Modern tooling is required

Why 'security as by-product’ can't replace controls

Built-in security can play a role — and fits with the Secure by Design concept — but robust security controls remain essential.

Read More about Why 'security as by-product’ can't replace controls
Why 'security as by-product’ can't replace controls
Attack surface expanding risk

ASM and the attack surface: 10 key risk factors

Attack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.

Read More about ASM and the attack surface: 10 key risk factors
ASM and the attack surface: 10 key risk factors
Command Zero and RL

Command Zero & RL: Accelerating SOC Defense

Discover how Command Zero and ReversingLabs integrate to speed SOC investigations, cut false positives, and deliver high‑fidelity cyber intelligence.

Read More about Command Zero & RL: Accelerating SOC Defense
Command Zero & RL: Accelerating SOC Defense
Postmark MCP attack

The Postmark MCP server attack: 5 key takeaways

A malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.

Read More about The Postmark MCP server attack: 5 key takeaways
The Postmark MCP server attack: 5 key takeaways
RL-Spectra-Analyze-In-Action.jpg

Hunting SharpHounds with Spectra Analyze

ReversingLabs’ Advanced Search is a powerful feature that can gather related samples for threat hunting in your environment. Here's how.

Read More about Hunting SharpHounds with Spectra Analyze
Hunting SharpHounds with Spectra Analyze
Open source flatform security

The call for funding of open-source platforms

Funding of the OSS ecosystem has reached a crisis as threat actors increasingly target weaknesses in infrastructure.

Read More about The call for funding of open-source platforms
The call for funding of open-source platforms
FAQ: Shai hulud explained

FAQ: The Shai-hulud npm worm attack explained

Here's what you need to know about the discovery of the first self-replicating npm worm, which compromised packages with cloud token-stealing malware.

Read More about FAQ: The Shai-hulud npm worm attack explained
FAQ: The Shai-hulud npm worm attack explained
Vulnerability management race

CVE-Genie raises stakes in the vulnerability race

While security defenders welcomed the new vulnerability-validation tool, others stress it can be just as useful for would-be attackers.

Read More about CVE-Genie raises stakes in the vulnerability race
CVE-Genie raises stakes in the vulnerability race
Shai-hulud worm DevOps

Shai-hulud attack: Don’t let worms eat DevOps

As the development community chalks up the npm worm as just another bad day, bigger questions remain about the software supply chain ecosystem.  

Read More about Shai-hulud attack: Don’t let worms eat DevOps
Shai-hulud attack: Don’t let worms eat DevOps
Deadlines and code security

Deadlines vs. secure code: How AppSec can cope

AI coding and other modern development practices mean flawed code will continue to ship. Here are key recommendations for managing software risk.

Read More about Deadlines vs. secure code: How AppSec can cope
Deadlines vs. secure code: How AppSec can cope
Checkbox security SBOM

CISA’s SBOM standards: Beyond checkbox security

The new guidance would raise the bar for software vendors, who will need to ensure the SBOMs they generate are more detailed and machine-readable.

Read More about CISA’s SBOM standards: Beyond checkbox security
CISA’s SBOM standards: Beyond checkbox security
Train your AI coding tools

How AI coding can learn to do secure software

If you train ML models, they can learn to write more secure code. But the quality of the training data is only as good as your AppSec tooling.

Read More about How AI coding can learn to do secure software
How AI coding can learn to do secure software
AICM trustworthy AI threat categories

Trustworthy AI is key: 9 key threat categories

CSA’s AI Controls Matrix can help development and AppSec teams distill priorities for securing the AI software supply chain.

Read More about Trustworthy AI is key: 9 key threat categories
Trustworthy AI is key: 9 key threat categories
Onboarding software CISA

CISA tool aims to boost security for software onboarding

The new procurement tool seeks to strengthen third-party software risk management (TPSRM). But the process is manual and cumbersome.

Read More about CISA tool aims to boost security for software onboarding
CISA tool aims to boost security for software onboarding
ActiveState-and-ReversingLabs-Blog-cover

ActiveState and RL: Unlocking Software Supply Chain Security

Learn how ActiveState and ReversingLabs integration automates secure component sourcing, secure software releases, remediation guidance, and policy enforcement.

Read More about ActiveState and RL: Unlocking Software Supply Chain Security
ActiveState and RL: Unlocking Software Supply Chain Security
Previous1...8910...57Next

Topics

All Blog PostsAppSec & Supply Chain SecurityDev & DevSecOpsProducts & TechnologySecurity OperationsThreat Research
Mario Vuksan

Gartner® Named RL a Software Supply Chain Security Visionary. Here’s What We See Coming

The first Magic Quadrant™ for Software Supply Chain Security comes as the demand for greater supply chain visibility explodes.

Read More about Gartner® Named RL a Software Supply Chain Security Visionary. Here’s What We See Coming
Gartner® Named RL a Software Supply Chain Security Visionary. Here’s What We See Coming

Follow us

XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBluesky

Subscribe

Get the best of RL Blog delivered to your in-box weekly. Stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

The inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security is outWe're A Visionary
Skip to main content
Contact UsSupportBlogCommunity
reversinglabsReversingLabs: Home
Solutions
Secure Software OnboardingSecure Build & ReleaseProtect Virtual MachinesIntegrate Safe Open SourceGo Beyond the SBOM
Increase Email Threat ResilienceDetect Malware in File Shares & StorageAdvanced Malware Analysis SuiteICAP Enabled Solutions
Scalable File AnalysisHigh-Fidelity Threat IntelligenceCurated Ransomware FeedAutomate Malware Analysis Workflows
Products & Technology
Spectra Assure®Software Supply Chain SecuritySpectra DetectHigh-Speed, High-Volume, Large File AnalysisSpectra AnalyzeIn-Depth Malware Analysis & Hunting for the SOCSpectra IntelligenceAuthoritative Reputation Data & Intelligence
Spectra CoreIntegrations
Industry
Energy & UtilitiesFinanceHealthcareHigh TechPublic Sector
Partners
Become a PartnerValue-Added PartnersTechnology PartnersMarketplacesOEM Partners
Alliances
Resources
BlogContent LibraryCybersecurity GlossaryConversingLabs PodcastEvents & WebinarsLearning with ReversingLabsWeekly Insights Newsletter
Customer StoriesDemo VideosDocumentationOpenSource YARA Rules
Company
About UsLeadershipCareersSeries B Investment
Events
Press ReleasesIn the News
Pricing
Software Supply Chain SecurityMalware Analysis and Threat Hunting
Request a demo
Menu

Spectra Assure Free Trial

Get your 14-day free trial of Spectra Assure for Software Supply Chain Security

Get Free TrialMore about Spectra Assure Free Trial
Blog
Events
About Us
Webinars
In the News
Careers
Demo Videos
Cybersecurity Glossary
Contact Us
reversinglabsReversingLabs: Home
Privacy PolicyCookiesImpressum
All rights reserved ReversingLabs © 2026
XX / TwitterLinkedInLinkedInFacebookFacebookInstagramInstagramYouTubeYouTubeblueskyBlueskyRSSRSS
Back to Top