GitHub repojacking attack: 10 lessons for software teams
Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.
AppSec & Supply Chain Security
GitHub repojacking attack: 10 lessons for software teams
The Week in Security: Disguised Russian software used in U.S. Army, CDC applications
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
-1-1400x732.jpg&w=3840&q=75)
Forrester Security & Risk Forum: Go beyond the software bill of materials
The Forrester Security & Risk Forum tool place this week in Washington D.C. with a full agenda, tackling a range of issues, from the cyber implications of geopolitical disruptions to the privacy and security implications of the Metaverse.
Special report: End-to-end supply chain security demands dev and SOC teams shift left together
Security operations centers (SOCs) and developers need to share the responsibility for securing the software supply chain. Find out why in ReversingLabs' latest report.
National Cyber Director: Higher bar for software supply chain security is key to cyber resilience
Chris Inglis said the government is setting a new bar for supply chain security as the national cybersecurity focus shifts from incident response to cyber resilience.
Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity
Google is putting its weight behind a project to offer a comprehensive view of your software. Enter GUAC: Graph for Understanding Artifact Composition.
The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security
Here's what you need to know about the state of CI/CD tools — and why you need to upgrade your tools and approach to deliver secure software at speed.
SBOMs are critical to AppSec — but only the first step in your journey
Here's what to focus on for a comprehensive approach to application security across your entire software development pipeline.
SBOMs are coming for medical devices. Prof. Kevin Fu explains what to expect
The medical device sector is under pressure to improve software supply chain security, and software bills of materials (SBOMs) are front and center. ReversingLabs talks with Professor Kevin Fu of the Archimedes Center at University of Michigan about what to expect.
The Week in Security: Attacks on critical infrastructure and the software supply chain take off
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
What an SBOM is — and why it matters
Software bills of materials have become key to mitigating software threats. Here's what you need to know — and how to put them to work.
4 takeaways from the MITRE software security panel
With software supply chain attacks ramping up, software bills of materials (SBOMs) are getting the nod from both government and industry experts as a "no brainer."
The Week in Security: Google takes next step on supply chain risk, UK issues software security guidance
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of cybersecurity.
Packagist PHP repo supply chain attack: 3 key takeaways
A PHP repository vulnerability threatened millions of sites. Here's why you need to make an SBOM the first step in your software supply chain security journey.