Blog | ReversingLabs | AppSec & Supply Chain Security (29)

AppSec & Supply Chain Security (29)

MITRE’s System of Trust: A standard for software supply chain security

June 8, 2022

MITRE’s System of Trust: A standard for software supply chain security

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.

Taking the quiz: Are you up to speed on supply chain risk?

June 8, 2022

Taking the quiz: Are you up to speed on supply chain risk?

ReversingLabs delivered a game-show style review of its survey on software supply chain security at RSA Conference. Here are the questions and answers.

It’s not a secret if you publish it on PyPI

June 1, 2022

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

Software supply chain risk demands our attention

June 1, 2022

Software supply chain risk demands our attention

Software Supply Chain Attacks are a top concern. But tools for monitoring and stopping them lags. Meet ReversingLabs' new platform: secure.software.

Coinminer and npm: What you see is not always what you get

June 1, 2022

Coinminer and npm: What you see is not always what you get

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.

Happy anniversary? An assessment of the Cybersecurity EO one year on

May 12, 2022

Happy anniversary? An assessment of the Cybersecurity EO one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand.

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

March 9, 2022

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.

NIST raises the bar for federal software supply chain with call for SBOMs

February 10, 2022

NIST raises the bar for federal software supply chain with call for SBOMs

NIST issued guidelines for secure development, asking firms selling to the government to implement a software bill of materials (SBOM).

Log4j: Why your organization needs to embrace software bills of materials

December 15, 2021

Log4j: Why your organization needs to embrace software bills of materials

The widespread vulnerability is an object lesson for why software publishers and their customers should be using SBOMs.

Expanding Security Visibility To Reduce Software Supply Chain Risk

September 20, 2021

Expanding Security Visibility To Reduce Software Supply Chain Risk

No doubt about it, the way malicious actors attack their targets through software is changing

It only takes one line of code to ruin your day

May 7, 2021

It only takes one line of code to ruin your day

Much like SolarWinds before it, this incident shows we need to take a more critical look at the software we are using and trusting to be good.

CISO’s Guide to Protecting Against Modern Software Risks

January 11, 2021

CISO’s Guide to Protecting Against Modern Software Risks

How to Rebuild Trust in the SDLC and 3rd Party Software Supply Chain

‹ previous next ›