January 18, 2023
Supply chain security and compliance: Why software organizations should get out in front of requirements
Get out in front of software supply chain compliance requirements for a competitive advantage. Here's what your software organization needs to know.
December 7, 2022
Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group.
December 1, 2022
Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security
One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.
October 31, 2022
National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.
September 19, 2022
The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.
September 7, 2022
Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world
The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
September 6, 2022
Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
May 12, 2022
One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand.
March 9, 2022
ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.