Blog | ReversingLabs | AppSec & Supply Chain Security

AppSec & Supply Chain Security

May 14, 2025

MCP is a powerful new AI coding technology: Understand the risks

Model Context Protocol makes agentic AI development easier by connecting data sources — but the risks are very real. Here's what you need to know.

May 14, 2025

5 reasons you need an SaaSBOM

Here's why your organization should consider using SaaSBOMs, key challenges — and how to put CycloneDX's xBOM standard into action.

May 8, 2025

Indirect prompt injection attacks target common LLM data sources

Malicious instructions buried in sources such as documents can poison ML models. Here's how it works — and how to protect your AI systems.

May 7, 2025

SaaS risk is on the rise: 7 action items for better management

The rapid rise of SaaS apps has spawned new risks. One new hopeful stands out: The SaaSBOM. Here are key steps that help rein them in.

May 6, 2025

MIT researchers tame AI code with new controls

The sequential Monte Carlo method guides LLMs to produce code that plays by basic programming rules. Here's what you need to know.

May 1, 2025

Mobile and third-party risk: How legacy testing leaves you exposed

Without modern application security tooling, including binary analysis, the third-party risk management puzzle is incomplete.

April 30, 2025

Secrets leaks increase — and expand beyond the codebase

Leaks from GitHub and other repos are up, but collaboration tools such as Slack and Jira are now a major threat — and a serious blind spot.

April 29, 2025

Rise of the xBOM: The new go-to tool for software security

CycloneDX 1.6's ML-BOM, SaaSBOM, and CBOM are non-negotiable visibility requirements in the software supply chain security era.

April 24, 2025

Verizon 2025 DBIR: Third-party software risk takes the spotlight

The latest Data Breach Investigations Report (DBIR) marks the shift seen more broadly — to third-party risk. Here’s what you need to know.

April 23, 2025

Changes to CVE program are a call to action on your AppSec strategy

The CVE's challenges mean it's time to get off the vulnerability hamster wheel and modernize your risk program.

April 17, 2025

NIST's adversarial ML guidance: 6 action items for your security team

ML attack mitigation is a moving target. Here’s what to focus on now — and why traditional tooling like SAST and SCA is not up to the job.

April 16, 2025

The cybersecurity job market is complicated: 3 key insights

While the state of cyber careers is confusing, key trends are driving companies to think bigger picture — and outside of traditional roles.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security

MCP is a powerful new AI coding technology: Understand the risks

5 reasons you need an SaaSBOM

Indirect prompt injection attacks target common LLM data sources

SaaS risk is on the rise: 7 action items for better management

MIT researchers tame AI code with new controls

Mobile and third-party risk: How legacy testing leaves you exposed

Secrets leaks increase — and expand beyond the codebase

Rise of the xBOM: The new go-to tool for software security

Verizon 2025 DBIR: Third-party software risk takes the spotlight

Changes to CVE program are a call to action on your AppSec strategy

NIST's adversarial ML guidance: 6 action items for your security team

The cybersecurity job market is complicated: 3 key insights

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security

Topics

Follow us

Subscribe

Special Reports