Blog | ReversingLabs | AppSec & Supply Chain Security (11)

AppSec & Supply Chain Security (11)

February 5, 2024

CISO accountability in the era of software supply chain attacks

CISOs need to be treated (and be treated by others) like CFOs. Here's what they need to know — and how they can seize the day and prioritize security.

February 1, 2024

Lessons from the Mercedes-Benz GitHub source code leak

Here's what we know about the automaker's latest secrets breach — and lessons your security team can draw from it.

January 30, 2024

HPE, Microsoft breach disclosures mark new era of CISO accountability

New revelations show Russia’s SVR has stepped up cyber-espionage. They also spotlight how public companies are on the hook with the SEC’s disclosure laws.

January 17, 2024

GitHub Actions hack bolsters case for complex binary analysis

Here are key takeaways from the research — and why you need to evolve your application security approach with binary analysis and reproducible builds.

January 16, 2024

Key takeaways from the 2024 State of SSCS Report

ReversingLabs has released its annual report covering the state of software supply chain security. Learn top trends and get unique insights.

January 16, 2024

SSCS attacks: A (partial) history

A list of known (documented, reported) attacks involving compromises of software supply chains (from latest to oldest).

January 11, 2024

Evolution of AppSec: 4 requirements for the software supply chain security era

AppSec must make a giant leap forward to modern practices and tooling in order to tackle the new era of software supply chain attacks. Here are four steps.

January 9, 2024

Zoom joins the vulnerability fray: Will VISS move the needle on AppSec?

Here's what you need to know about Zoom's Vulnerability Impact Scoring System, how it compares to EPSS — and how it can advance your application security.

January 4, 2024

A definitive guide: Federal software supply chain security initiatives

The federal government added important new guidance in 2023. Get up to speed — and see our interactive timeline of attacks — to stay ahead in 2024.

January 3, 2024

The state of container security: 5 key steps to locking down your releases

Here are best practices — and recommendations for tooling — to modernize your software supply chain security approach.

January 2, 2024

Key reasons third-party cyber risk management programs fail

Here's why organizations are struggling with TPCRM — and how to develop an effective program.

January 1, 2024

Software supply chain security risks addressed in new Gartner® report

A new Gartner report provide guidance for organizations aiming to mitigate software supply chain risks, including a call for automated analysis of malware.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (11)

CISO accountability in the era of software supply chain attacks

Lessons from the Mercedes-Benz GitHub source code leak

HPE, Microsoft breach disclosures mark new era of CISO accountability

GitHub Actions hack bolsters case for complex binary analysis

Key takeaways from the 2024 State of SSCS Report

SSCS attacks: A (partial) history

Evolution of AppSec: 4 requirements for the software supply chain security era

Zoom joins the vulnerability fray: Will VISS move the needle on AppSec?

A definitive guide: Federal software supply chain security initiatives

The state of container security: 5 key steps to locking down your releases

Key reasons third-party cyber risk management programs fail

Software supply chain security risks addressed in new Gartner® report

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (11)

Topics

Follow us

Subscribe

Special Reports