Behaviors and Diffs: Better Together for Software Supply Chain Security
June 1, 2023
In this episode, Matt Rose explains how software supply chain security is better with the wonder duo of behavior and differential analysis.
Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.
Watch Episode
Who is ReversingLabs?
May 25, 2023
In this episode, Matt answers a simple yet important question: Who is ReversingLabs? Matt does this by recalling the company’s history, dating back to 2009, which began with ReversingLabs hosting the world’s largest reputational database for malware. He then details ReversingLabs’ growth into a leading provider of software supply chain security.
AI and Software Supply Chain Security: Proceed with Caution
May 18, 2023
In this episode, Matt touches on the newfound popularity of AI in relation to Software Supply Chain Security, pointing out the concerns he has for this technology being used by both good and bad actors.
What the heck is an SBOM?
May 11, 2023
In this episode, Matt uses the analogy of America’s beloved boxed mac n’ cheese to define what a software bill of materials (SBOM) is and should be. He then points out that when making SBOMs, organizations should look to approved and standardized SBOM formats for them to be as clear and transparent as possible.
Supply Chain Risks in Art and Life ... Even 'The Simpsons'
May 4, 2023
In this episode, Matt touches on real-life software supply chain security cases such as the recent 3CX hack, and how popular media from past and present both imitates and forewarns this kind of threat.
Why CISA Secure by Design is Just a Starting Point
April 27, 2023
In this episode of ReversingGlass, Matt Rose explains what's included in the CISA's new initiative: Secure by Design, Secure by Default. He points out that while it's a good starting point for companies to refer to, it shouldn't serve as the end point for practicing software supply chain security.
ReversingLabs @ RSA 2023 | See You There!
04/20/2023
In this episode, Matt gives a quick overview of what the ReversingLabs team will be up to and tips to prepare for the 2023 RSA Conference.
Software Supply Chain Security Use Cases
04/13/2023
In this episode, Matt quantifies the various use cases surrounding software supply chain security (SSCS): Home-grown apps, third-party risk management (TPRM), mergers and acquisitions, and cybersecurity insurance.
Full-Coverage Software Supply Chain Security Explained
04/06/2023
In this episode, Matt lists and explains the various areas of the software supply chain that need to be covered with a modern security solution. He points out that just looking at the build system or open source software alone for threats will not provide full software supply chain security (SSCS) coverage.
How to Define Software Supply Chain Security
03/30/2023
In this episode of ReversingGlass, Matt defines software supply chain security by pointing out the different links that the chain comprises. Each link covers different threats, but each is connected to the creation of a complete software artifact, making comprehensive coverage of the software supply chain a must.
