August 2, 2023
Your app sec team should factor in more capable malicious AI tools, coming soon.
July 25, 2023
It’s an optional trial program (for now). How would your dev team cope? Is this the future of zero trust?
July 19, 2023
Safe programming languages and packages can dramatically reduce vulnerabilities. Here's my rundown on the safest bets for secure coding.
July 17, 2023
CISA and NSA issued security guidance on continuous integration/continuous delivery environments — but missed an opportunity to escalate the conversation.
July 5, 2023
C’mon, dev teams — it's about time to get serious about memory safety, XSS and SQLi.
June 27, 2023
It’s a dog-eat-dog world ... Bug allows bad actor to manipulate URLs and extract data. Note to devs: Avoid consecutive object references and add entropy.
June 21, 2023
Forward-thinking DevOps shops are doing it already. Isn’t it time your team got on board?
June 13, 2023
Cl0p quietly tested the flaw for two years before launching the full exploit. Lesson: Look both ways before crossing.
June 7, 2023
Field CISO Matt Rose explains in this week's ReversingGlass episode the difference between application security hacks and software supply chain hacks.
June 6, 2023
Compiled-code behavior analysis beats old-skool app sec tools.
June 1, 2023
ReversingLabs researchers identified a PyPI attack using compiled Python code to evade detection — possibly the first PYC file direct-execution attack.
June 1, 2023
ConversingLabs caught up with Chris Romeo of Kerr Ventures at RSA Conference 2023 to talk about the state of application security. Watch (or listen) — and learn.