Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Stolen keys allow bootkits to avoid Intel’s “Guard” features. And there’s no way to revoke them.
The path to success for SBOMs faces many hurdles. Here are key factors that threaten your investments.
...
In this ConversingLabs Cafe interview, Josh Corman, founder of I Am The Cavalry, talks about what’s behind industry skepticism around SBOMs.
OpenSSF's updated framework is an essential tool for dev teams, but experts say it's incomplete as a supply chain security solution
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
The Department of Justice stays on the down-low: Poster child for software supply chain security? The plot thickens...
Here's why SBOMs are essential for cybersecurity incident response — and how to put them to work.
The stakes were raised at RSA Conference 2023: A “hot” cyber war in Ukraine, software supply chain attacks on the rise — and let's not forget about artificial intelligence.
Here's what experts say about the CISA initiative's potential impact on software supply chain security — and security operations.
In a ConversingLabs conversation, Charlie Jones of ReversingLabs talks about risk with supply chain attacks, and what development teams can do to spot malware lurking in signed code.
Matt Rose presents at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are highlights from his talk.
The surprising story of the hack of VoIP provider 3CX got even crazier this week. Here's what you need to know.
In a new ReversingLabs Software Supply Chain Risk Survey, IT pros say supply chain security poses an “enterprise-wide” risk that traditional app sec tools can't address.