Blog | ReversingLabs | AppSec & Supply Chain Security (5)

January 23, 2025

BSIMM15 shines light on compliance and AI security — but updating tooling is key

The BSIMM highlights traditional AppSec practices — but they are no match for modern supply chain attacks and AI/ML. Here's what you need to know.

January 15, 2025

Going beyond 'shift left': Why shared responsibility is key to risk management

AppSec experts and software risk managers say organizations must move beyond shift left. Here's why — and how to make that happen.

January 8, 2025

Census III study spotlights ongoing open-source software security challenges

The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.

December 24, 2024

SEC cybersecurity disclosures and lessons to be learned: A timeline

Here’s what the 2024 8-K security-incident filings are all about, lessons to be learned — and the bigger picture for cybersecurity.

December 11, 2024

U.K. cybersecurity chief warns of gap between risks and defenses

The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

December 10, 2024

SEC action raises the bar on software transparency

The firms have been fined for playing down the impact of the attack on SolarWinds. It’s part of a government push for greater transparency.

December 3, 2024

The state of AppSec tooling: Step up to modern software security

Organizations are struggling with outdated tools. Here's what you need to know about modernizing your AppSec tooling for today's supply chain threats.

December 2, 2024

Software liability gets real: 5 ways to get ahead of the EU's new directive

Here's what your organization needs to know about the Product Liability Directive — and how to avoid any slip-ups.

December 2, 2024

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

November 26, 2024

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

November 13, 2024

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and others recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Industry

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (5)

BSIMM15 shines light on compliance and AI security — but updating tooling is key

Going beyond 'shift left': Why shared responsibility is key to risk management

Census III study spotlights ongoing open-source software security challenges

SEC cybersecurity disclosures and lessons to be learned: A timeline

U.K. cybersecurity chief warns of gap between risks and defenses

AI-based fuzzing targets open-source LLM vulnerabilities

SEC action raises the bar on software transparency

The state of AppSec tooling: Step up to modern software security

Software liability gets real: 5 ways to get ahead of the EU's new directive

Why shift left alone can't manage your software risk

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

CISA's secure software deployment push: Key takeaways for AppSec teams

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (5)

Topics

Follow us

Subscribe

Special Reports