Blog | ReversingLabs | AppSec & Supply Chain Security (29)

July 19, 2022

CISA: Log4j threat will linger for years—so be prepared

A survey of the post-Log4j landscape found few successful hacks linked to it. The bad news? Log4Shell will linger for years — so you need to prepare.

June 29, 2022

SBOM Facts: Know what's in your software to fend off supply chain attacks

Not knowing what’s in your food can have consequences. The same is true for software. You need a software bill of materials (SBOM) to minimize risk.

June 23, 2022

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

ConversingLabs invited Robert Martin of MITRE and Steve Lipner of Safecode, who spoke at RSAC, to discuss supply chain risk, software assurance and more.

June 14, 2022

5 CI/CD breaches analyzed: Why you need to update your software security

Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent breaches. Here's what you need to know.

June 13, 2022

Survey finds software supply chain security top of mind for dev teams — but tampering detection lags

A survey of more than 300 technology professionals found widespread concern about supply chain attacks, but only sporadic efforts to detect such attacks.

June 8, 2022

MITRE’s System of Trust: A standard for software supply chain security

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's Robert Martin explains.

June 8, 2022

Taking the quiz: Are you up to speed on supply chain risk?

ReversingLabs delivered a game-show style review of its survey on software supply chain security at RSA Conference. Here are the questions and answers.

June 1, 2022

It’s not a secret if you publish it on PyPI

Python packages can contain sensitive information. Here's how software development teams can keep secrets secret.

June 1, 2022

Software supply chain risk demands our attention

Software Supply Chain Attacks are a top concern. But tools for monitoring and stopping them lags. Meet ReversingLabs' new platform: secure.software.

June 1, 2022

Coinminer and npm: What you see is not always what you get

Source code analysis is always useful. It helps you detect threats early in the dev process. But it shouldn’t be the only tool in your security arsenal.

May 12, 2022

Happy anniversary? An assessment of the Cybersecurity EO one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand.

March 9, 2022

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (29)

CISA: Log4j threat will linger for years—so be prepared

SBOM Facts: Know what's in your software to fend off supply chain attacks

ConversingLabs highlights: RSA Conference spotlights software supply chain, critical infrastructure risk

5 CI/CD breaches analyzed: Why you need to update your software security

Survey finds software supply chain security top of mind for dev teams — but tampering detection lags

MITRE’s System of Trust: A standard for software supply chain security

Taking the quiz: Are you up to speed on supply chain risk?

It’s not a secret if you publish it on PyPI

Software supply chain risk demands our attention

Coinminer and npm: What you see is not always what you get

Happy anniversary? An assessment of the Cybersecurity EO one year on

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (29)

Topics

Follow us

Subscribe

Special Reports