Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
ReversingLabs Field CISO Matt Rose explains the difference between application security hacks and software supply chain hacks.
Compiled-code behavior analysis beats old-skool app sec tools.
ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.
Nvidia's tool is among the first to promise to manage the risk from generative AI. Here's what it can do — and an analysis of the scope of risk from AI.
In a recent survey, 300 IT and software pros were asked about the state of software supply chain security. Here are takeaways from a webinar discussion.
John Jackson and his Sakura Samurai crew took India up on an invitation to test the security of government websites and apps. Here are the lessons learned.
The Python repo was flooded with malicious typo-squatting packages. Weekend warriors quit defense and hit pause.
The cost of attacks on software supply chains could exceed $80.6B by 2026, a 76% increase over the $45.8B expected in 2023, a market research firm finds.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
The path to success for SBOMs faces many hurdles. Here are key factors that threaten your investments.
...
In this ConversingLabs Cafe interview, Josh Corman, founder of I Am The Cavalry, talks about what’s behind industry skepticism around SBOMs.
OpenSSF's updated framework is an essential tool for dev teams, but experts say it's incomplete as a supply chain security solution