6 reasons AppSec teams should shift gears and go beyond legacy vulnerabilities
The National Vulnerability Database represents a minority of software supply chain threats. With attacks surging, teams must shift focus from vulnerabilities to malware.
AppSec & Supply Chain Security
6 reasons AppSec teams should shift gears and go beyond legacy vulnerabilities
NVD Analysis: Why you need to modernize your application security
The National Vulnerability Database does not tell the full story of software risk. Here's why the NVD — and your AppSec approach — needs to be modernized.
The state of cybersecurity: 'Things are going to get worse before they get better,' Krebs tells Black Hat 2022
There are many problems facing the cybersecurity community today, and they will only get worse before they get better. Despite this bleak view, former Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs reminded the audience at Black Hat USA 2022 to place their hope in people to have a more secure future.
Buckle up for Black Hat 2022: Sessions your security team should not miss
Black Hat is set to return next week with two years of pent up cybersecurity research and discoveries. Here are the talks you don't want to miss.
Software supply chain security takes center stage at Black Hat 2022
software-supply-chain-security-takes-center-stage-at-black-hat-2022
OpenSSF's open source security mobilization initiative: Inside the 10-point action plan
Here is a run-down of the 10 streams from OpenSSF's Open Source Software Security Mobilization Plan.
The Week in Cybersecurity: SolarWinds attackers tap Google Drive, malware spreads via Play Store apps
Cozy Bear APT group is using Dropbox and Google drive to cover up attacks, malware is spreading via Google Play Store apps, and more.
SBOM Facts: Know what's in your software to fend off supply chain attacks
SBOM Facts: Know what's in your software to fend off supply chain attacks
ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk
The RSA Conference brings some of the brightest minds in information security together in one place.
5 CI/CD breaches analyzed: Why you need to update your software security
Omer Gil and Daniel Krivelevich outlined the top CI/CD security risks at RSA Conference 2022. Here's what your software security team needs to know.
Survey finds software supply chain security top of mind for dev teams — but tampering detection lags
A survey of more than 300 technology professionals found widespread concern about supply chain attacks, but only sporadic efforts to detect such attacks.
Taking the quiz: Are you up to speed on supply chain risk?
ReversingLabs delivered a game-show style review of its survey on software supply chain security at RSA Conference. Here are the questions and answers.
MITRE’s System of Trust: A standard for software supply chain security
MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.
Software supply chain risk demands our attention
Software supply chain attacks are a top concern. But tools for monitoring and stopping them lags. Meet ReversingLabs' new platform: secure.software.
Happy anniversary? An assessment of the Cybersecurity EO one year on
One year ago today, the White House released an executive order regarding improving the nation’s cybersecurity (a.k.a. EO 14028). Here's where things stand.