ReversingGlass Video: How Software Supply Chains Go Wrong...in less then 5 minutes.
Watch Now
Read the LATEST Software Supply Chain Security Risk Report
Read Now
Webinar Alert! The Future of Complex Code Destruction
Register Now

Executive Order on Cybersecurity (EO 14028)

Supply chain security and compliance: Why software organizations should get out in front of requirements
January 18, 2023

Supply chain security and compliance: Why software organizations should get out in front of requirements

Get out in front of software supply chain compliance requirements for a competitive advantage. Here's what your software organization needs to know.
Read More
New supply chain mandates: Uncle Sam wants you (to secure your software)!
December 7, 2022

New supply chain mandates: Uncle Sam wants you (to secure your software)!

Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group. 
Read More
Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security
December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.
Read More
National Cyber Director: Higher bar for software supply chain security is key to cyber resilience
October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.
Read More
White House memo calls for software supply chain security, takes a step closer to mandating SBOMs
September 19, 2022

White House memo calls for software supply chain security, takes a step closer to mandating SBOMs

The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.
Read More
Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world
September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
Read More
The SBOM is evolving: 4 key trends boosting software supply chain security
September 6, 2022

The SBOM is evolving: 4 key trends boosting software supply chain security

Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
Read More
Happy anniversary? An assessment of the Cybersecurity Executive Order one year on
May 12, 2022

Happy anniversary? An assessment of the Cybersecurity Executive Order one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand. 
Read More
Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework
March 9, 2022

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.
Read More

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

Apple Devices as a Growing Attack Vector Apple Devices as a Growing Attack Vector
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: EPSS 3.0 + CVSS: Why Prioritizing Software Risk is Key ReversingGlass: EPSS 3.0 + CVSS: Why Prioritizing Software Risk is Key
Glassboard conversations with ReversingLabs Field CISO Matt Rose