Software Supply Chain Security

September 21, 2023

Threat modeling and the supply chain: An essential tool for managing risk across the SDLC

Here's what your team needs to understand about threat modeling and software supply chain security — a critical mapping of risk.

September 20, 2023

The art of security chaos engineering

What if dev and app sec teams showed the same nimbleness and ruthless efficiency as cybercriminals? Fastly's Kelly Shortridge explains why it's essential.

September 19, 2023

NIST CSF 2.0: What it means for modern software supply chain risk management

Cybersecurity Framework 2.0 makes big improvements, adding focus on software supply chain security. Here's what the changes mean for your SecOps team.

September 13, 2023

IoT and the supply chain: The road to securing devices

In this episode of ConversingLabs, NetRise CEO Thomas Pace talks about supply chain threats to the Internet of Things (IoT).

September 7, 2023

20 application security pros you should follow

These leading app sec experts provide a steady flow of security knowledge to keep you up to speed.

September 6, 2023

Lemons and liability: How security warranties could tame the software market

In this ConversingLabs episode, Daniel Woods shares insights from his research on software warranties and how shifting liability to producers could define the market.

September 5, 2023

Threat research roundup: Lessons learned from recent PyPI and npm supply chain attacks

RL threat researchers have recently discovered multiple malicious campaigns on open repositories. Join the webinar to discuss key takeaways.

August 31, 2023

VMConnect supply chain attack continues, evidence points to North Korea

ReversingLabs researchers discovered more packages that are part of the previously identified VMConnect campaign, and evidence linking the campaign to North Korean threat actors.

August 30, 2023

10 Hacker Summer Camp speakers to follow year-round

Why does expert cybersecurity knowledge sharing have to stop in Las Vegas? Follow these top speakers year-round.

August 23, 2023

Supply chain security: Is technical debt weighing your team down?

Vulnerability management and piecemeal app sec testing are like paying the interest only on mounting security technical debt. Where do you stand?

August 22, 2023

Fake Roblox packages target npm with Luna Grabber info-stealing malware

ReversingLabs identified more than a dozen malicious packages targeting Roblox users on the npm public repository, recalling an attack from 2021.

August 21, 2023

Risk modeling initiative aims to expose the 'hiddenness of knowledge' in the supply chain

GUAC-ALYTICs will model risk across open source software supply chain interdependencies using a new algorithmic engine. Here's what you need to know.


The Art of Security Chaos Engineering
Conversations About Threat Hunting and Software Supply Chain Security
ReversingGlass: Happy Birthday, ReversingGlass
Glassboard conversations with ReversingLabs Field CISO Matt Rose