Blog | ReversingLabs | AppSec & Supply Chain Security (28)

June 23, 2022

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

ConversingLabs invited Robert Martin of MITRE and Steve Lipner of Safecode, who spoke at RSAC, to discuss supply chain risk, software assurance and more.

June 14, 2022

5 CI/CD breaches analyzed: Why you need to update your software security

Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent breaches. Here's what you need to know.

June 13, 2022

Survey finds software supply chain security top of mind for dev teams — but tampering detection lags

A survey of more than 300 technology professionals found widespread concern about supply chain attacks, but only sporadic efforts to detect such attacks.

June 8, 2022

MITRE’s System of Trust: A standard for software supply chain security

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.

June 8, 2022

Taking the quiz: Are you up to speed on supply chain risk?

ReversingLabs delivered a game-show style review of its survey on software supply chain security at RSA Conference. Here are the questions and answers.

June 1, 2022

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

June 1, 2022

Software supply chain risk demands our attention

Software Supply Chain Attacks are a top concern. But tools for monitoring and stopping them lags. Meet ReversingLabs' new platform: secure.software.

June 1, 2022

Coinminer and npm: What you see is not always what you get

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.