Behaviors and Diffs: Better Together for Software Supply Chain Security
In this episode, Matt Rose explains how software supply chain security is better with the wonder duo of behavior and differential analysis.
In this episode, Matt answers a simple yet important question: Who is ReversingLabs? Matt does this by recalling the company’s history, dating back to 2009, which began with ReversingLabs hosting the world’s largest reputational database for malware. He then details ReversingLabs’ growth into a leading provider of software supply chain security.
In this episode, Matt touches on the newfound popularity of AI in relation to Software Supply Chain Security, pointing out the concerns he has for this technology being used by both good and bad actors.
In this episode, Matt uses the analogy of America’s beloved boxed mac n’ cheese to define what a software bill of materials (SBOM) is and should be. He then points out that when making SBOMs, organizations should look to approved and standardized SBOM formats for them to be as clear and transparent as possible.
In this episode, Matt touches on real-life software supply chain security cases such as the recent 3CX hack, and how popular media from past and present both imitates and forewarns this kind of threat.
In this episode of ReversingGlass, Matt Rose explains what's included in CISA's new initiative: Secure by Design, Secure by Default. He points out that while it's a good starting point for companies to refer to, it shouldn't serve as the end point for practicing software supply chain security.
In this episode, Matt gives a quick overview of what the ReversingLabs team will be up to and tips to prepare for the 2023 RSA Conference.
In this episode, Matt quantifies the various use cases surrounding software supply chain security (SSCS): Home-grown apps, third-party risk management (TPRM), mergers and acquisitions, and cybersecurity insurance.
In this episode, Matt lists and explains the various areas of the software supply chain that need to be covered with a modern security solution. He points out that just looking at the build system or open source software alone for threats will not provide full software supply chain security (SSCS) coverage.
In this episode of ReversingGlass, Matt defines software supply chain security by pointing out the different links that the chain comprises. Each link covers different threats, but each is connected to the creation of a complete software artifact, making comprehensive coverage of the software supply chain a must.