Software Security

July 8, 2022

The Week in Cybersecurity: NPM removes malicious modules, Microsoft backtracks on macros

This week: fallout from another supply chain attack involving malicious NPM modules. Also: Microsoft backtracks on a pledge to disable Office macros. 
May 12, 2022

Happy anniversary? An assessment of the Cybersecurity Executive Order one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand. 

SUBSCRIBE

Get our blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs: The State of Open Source Software Security ConversingLabs: The State of Open Source Software Security
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: SBOMS and threat modeling ReversingGlass: SBOMS and threat modeling
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Video Conferencing Software Software Package Deconstruction: Video Conferencing Software
Analyzing Risks To Your Software Supply Chain