Executive Order on Cybersecurity (EO 14028)

January 18, 2023

Supply chain security and compliance: Why software organizations should get out in front of requirements

Get out in front of software supply chain compliance requirements for a competitive advantage. Here's what your software organization needs to know.
December 7, 2022

New supply chain mandates: Uncle Sam wants you (to secure your software)!

Here are the key elements of Executive Order 14028, and software supply chain security guidance from the Enduring Security Framework working group. 
December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.
October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.
September 19, 2022

White House memo calls for software supply chain security, takes a step closer to mandating SBOMs

The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.
September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
September 6, 2022

The SBOM is evolving: 4 key trends boosting software supply chain security

Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
May 12, 2022

Happy anniversary? An assessment of the Cybersecurity Executive Order one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand. 
March 9, 2022

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs: The State of Open Source Software Security ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain