Blog | ReversingLabs | RSAC2023

RSAC2023

How to trust open source software: A conversation with OpenSSF's Naveen Srinivasan

June 14, 2023

How to trust open source software: A conversation with OpenSSF's Naveen Srinivasan

In this ConversingLabs Cafe interview, Naveen Srinivasan, a maintainer of the OpenSSF Security Scorecard, talks about evaluating software dependency risk.

RSAC in review: Supply chain security, cyber war and AI

May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.

The rise of malware in the software supply chain – and what to do about it

April 27, 2023

The rise of malware in the software supply chain – and what to do about it

Charlie Jones of ReversingLabs explains risk with supply chain attacks — and what development teams can do to spot malware lurking in signed code.

#RSAC is big again — and AI + security is huge: #StrongerTogether?

April 26, 2023

#RSAC is big again — and AI + security is huge: #StrongerTogether?

RSA Conference is back big in 2023, with large language models buzzing: Al to fight AI, and generative AI and supply chain security.

Package names repurposed to push malware on PyPI

April 24, 2023

Package names repurposed to push malware on PyPI

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.

What traditional app sec tools miss: The monsters in your software supply chain

April 24, 2023

What traditional app sec tools miss: The monsters in your software supply chain

Matt Rose will present at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are key highlights.

Secrets security: The why, the how – and what to do about it

April 19, 2023

Secrets security: The why, the how – and what to do about it

Secrets are increasingly exposed in code, creating a field-day for malicious actors. Here are key takeaways from our Secrets Exposed special report.

What’s hot at RSA Conference 2023: 8 must-see software supply chain security talks

April 19, 2023

What’s hot at RSA Conference 2023: 8 must-see software supply chain security talks

Software supply chain security is taking center-stage at RSAC 2023. Here are the talks you don't want to miss.

What’s hot at RSA Conference 2023: 6 must-see malware analysis and threat hunting talks

April 18, 2023

What’s hot at RSA Conference 2023: 6 must-see malware analysis and threat hunting talks

There is so much to take in at RSAC. Cut through the noise with our list of threat-focused talks you don't want to miss.

How to mitigate secrets risk — and prevent future breaches

March 21, 2023

How to mitigate secrets risk — and prevent future breaches

Leaks and exposures of sensitive information in open source and proprietary code repositories are approaching epidemic proportions.

How hackers access secrets

March 14, 2023

How hackers access secrets

Here’s how attackers are finding software development secrets buried in code repositories — and exploiting them.

Why devs and repos spill secrets

February 23, 2023

Why devs and repos spill secrets

The Circle CI breach and other hacks expose why the secrets problem is so prolific. Here's what you need to know about the state of secrets security.