ReversingGlass: Key Concepts in App Sec and Software Supply Chain Security Explained

Glassboard conversations with ReversingLabs Field CISO Matt Rose

Matt Rose ReversingLabs
Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

NIST CSF 2.0 is near: A lot has changed in 5 years

October 5, 2023

In this episode, Matt gives an overview of the newest version of the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF). He points out what’s new in CSF 2.0, such as the addition of governance as a discipline, plus a greater focus on software supply chain security.

EPSS 3.0 + CVSS: Why Prioritizing Software Risk is Key

September 28, 2023

In this episode, Matt explains what the newest version of the Exploit Prediction Scoring System (EPSS) is, and how it compares to the Common Vulnerability Scoring System (CVSS) when it comes to minimizing alert fatigue — and prioritizing the highest-risk vulnerabilities. 

Happy Birthday, ReversingGlass!

September 21, 2023

In this week’s episode, we’re celebrating ReversingGlass’s first trip around the sun! In honor of the show’s birthday, Matt is looking for feedback and ideas from viewers on what kinds of episodes he should make for ReversingGlass’s second year. If there’s a topic you want Matt to do a glassboard on, please email him at matthew.rose@reversinglabs.com.

How Software Supply Chains Go Wrong

September 7, 2023

In this episode, Matt compares his recent move into his new home to software production, making a strong point that no matter how great your team and efforts are, mistakes are still inevitable in the build and release process.

CISA Secure by Design/Secure by Default is HARD

August 31, 2023

In this episode, Matt explains why CISA's Secure by Design, Secure by Default policy is great in concept but difficult to execute in the real world. This is because the policy can really only be applied to new software that hasn't yet been released to the market.

Trust in Your Software Must be Complete

August 24, 2023

In this episode of ReversingGlass, Matt makes the essential point that trust in your software supply chain is all or nothing. He explains that trusting anything less than 100% of the components in your software package will set your organization up for major risk. This is why trust in software supply chains needs to be complete, so that the risk of a software supply chain attack to your organization can be minimized. 
