ReversingLabs Accelerates Strategy to Secure Software Supply Chain, Appoints Peter Doggart as Chief Operating Officer
Read More
Secrets Exposed: An Essential Guide to Securing Secrets in Software
Read eBook
New App Sec Series | Software Package Deconstruction
Learn More
ReversingLabs and Synopsys Join Forces to Combat Software Supply Chain Threats
Learn More

Software Supply Chain Security (2)

What’s behind SBOM skepticism? One word: Fear
May 10, 2023

What’s behind SBOM skepticism? One word: Fear

In this ConversingLabs talk, Josh Corman, founder of I Am The Cavalry, explains what’s behind industry skepticism around software bills of materials.
Read More
SLSA 1.0 delivers build provenance: What application security teams need to know
May 9, 2023

SLSA 1.0 delivers build provenance: What application security teams need to know

OpenSSF's updated Supply-chain Levels for Software Artifacts is an essential tool, but experts say it's not a comprehensive supply chain security tool.
Read More
Modernize your SOC with advanced malware analysis, real supply chain security — and best practices
May 8, 2023

Modernize your SOC with advanced malware analysis, real supply chain security — and best practices

Today's SOCs need the right tools for malware and supply chain security. Here's why — and best practices for a modern SOC.
Read More
The Week in Security: SolarWinds hack set off alarms for months before discovery
May 4, 2023

The Week in Security: SolarWinds hack set off alarms for months before discovery

The DOJ detected the SolarWinds Orion breach six months prior to public disclosure. Also: anxiety, fear, depression - the life of a ransomware criminal.
Read More
SolarWinds hack: Did DOJ know 6 months earlier?
May 3, 2023

SolarWinds hack: Did DOJ know 6 months earlier?

The Department of Justice is reported to have stayed on the down-low on SolarWinds. Poster child for software supply chain security? The plot thickens...
Read More
How to operationalize SBOMs for incident response
May 2, 2023

How to operationalize SBOMs for incident response

Learn why Software Bills of Materials are essential for cybersecurity incident response — and how to put them to work.
Read More
RSAC in review: Supply chain security, cyber war and AI
May 1, 2023

RSAC in review: Supply chain security, cyber war and AI

The stakes were raised at RSAC 2023: A “hot” cyber war in Ukraine, supply chain attacks on the rise — and let's not forget about artificial intelligence.
Read More
The rise of malware in the software supply chain – and what to do about it
April 27, 2023

The rise of malware in the software supply chain – and what to do about it

Charlie Jones of ReversingLabs explains risk with supply chain attacks — and what development teams can do to spot malware lurking in signed code.
Read More
CISA's Secure by Design for software development: 'It's a starting point, not an endpoint'
April 27, 2023

CISA's Secure by Design for software development: 'It's a starting point, not an endpoint'

Here's what experts say about the CISA Secure by Design initiative's potential impact on software supply chain security — and security operations. 
Read More
#RSAC is big again — and AI + security is huge: #StrongerTogether?
April 26, 2023

#RSAC is big again — and AI + security is huge: #StrongerTogether?

RSA Conference is back big in 2023, with large language models buzzing: Al to fight AI, and generative AI and supply chain security.
Read More
Package names repurposed to push malware on PyPI
April 24, 2023

Package names repurposed to push malware on PyPI

What’s in a name? Here's how bad actors are pushing malware on the Python Package Index under the guise of legitimate yet abandoned open source modules.
Read More
What traditional app sec tools miss: The monsters in your software supply chain
April 24, 2023

What traditional app sec tools miss: The monsters in your software supply chain

Matt Rose will present at RSAC 2023 on the mismatch between traditional app sec tools like SCA and modern supply chain threats. Here are key highlights.
Read More

SUBSCRIBE

Get the Best of the ReversingLabs newsletter delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.

ConversingLabs Cafe: Chris Romeo on the state of application security ConversingLabs Cafe: Chris Romeo on the state of application security
Conversations About Threat Hunting and Software Supply Chain Security
Behaviors & Diffs: Better Together for Software Supply Chain Security Behaviors & Diffs: Better Together for Software Supply Chain Security
Glassboard conversations with ReversingLabs Field CISO Matt Rose
Software Package Deconstruction: Deconstructing UPS Ship Manager Software Package Deconstruction: Deconstructing UPS Ship Manager
Analyzing Risks To Your Software Supply Chain