ReversingGlass: Key Concepts in App Sec and Software Supply Chain Security Explained

Glassboard conversations with ReversingLabs Field CISO Matt Rose

Matt Rose ReversingLabs
Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

Who is ReversingLabs?

May 25, 2023

In this episode, Matt answers a simple yet important question: Who is ReversingLabs? Matt does this by recalling the company’s history, dating back to 2009, which began with ReversingLabs hosting the world’s largest reputational database for malware. He then details ReversingLabs’ growth into a leading provider of software supply chain security.

Watch Episode

What the heck is an SBOM?

May 11, 2023

In this episode, Matt uses the analogy of America’s beloved boxed mac n’ cheese to define what a software bill of materials (SBOM) is and should be. He then points out that when making SBOMs, organizations should look to approved and standardized SBOM formats for them to be as clear and transparent as possible.

Watch Episode

Why CISA Secure by Design is Just a Starting Point

April 27, 2023

In this episode of ReversingGlass, Matt Rose explains what's included in the CISA's new initiative: Secure by Design, Secure by Default. He points out that while it's a good starting point for companies to refer to, it shouldn't serve as the end point for practicing software supply chain security.

Watch Episode

Software Supply Chain Security Use Cases


In this episode, Matt quantifies the various use cases surrounding software supply chain security (SSCS): Home-grown apps, third-party risk management (TPRM), mergers and acquisitions, and cybersecurity insurance.

Watch Episode

Full-Coverage Software Supply Chain Security Explained


In this episode, Matt lists and explains the various areas of the software supply chain that need to be covered with a modern security solution. He points out that just looking at the build system or open source software alone for threats will not provide full software supply chain security (SSCS) coverage. 

Watch Episode

How to Define Software Supply Chain Security


In this episode of ReversingGlass, Matt defines software supply chain security by pointing out the different links that the chain comprises. Each link covers different threats, but each is connected to the creation of a complete software artifact, making comprehensive coverage of the software supply chain a must.

Watch Episode


Sign up now to receive the latest weekly
news from ReversingLabs

Get Started
Request a DEMO

Learn more about how ReversingLabs can help your company reduce attack surface risks with deep software and file threat analysis to speed release and response.