SunBurst: the next level of stealth
SolarWinds compromise exploited through sophistication and patience
ReversingLabs extends deep file analysis into the SDLC (software development lifecycle), detecting hidden threats across all aspects of the supply chain, from open source dependencies through CI/CD (continuous integration / continuous delivery) and the delivery of packaged applications to third-party software validation.
Challenge: As engineers consume software components and containers from open source and third-party libraries to build their applications, demands increase to ensure the integrity of the software and that security measures are in place to prevent malicious content from entering the lifecycle.
Solution: ReversingLabs accurately detects malware in code repositories through automated static analysis. This provides greater app security for engineers and DevOps teams in their code development and deployment activities.
Challenge: Unaudited third-party software is the perfect Trojan into your organization, as it possesses access and trust and is not inspected by existing security controls.
Solution: ReversingLabs investigates all software that your organization builds, buys or downloads, detecting anomalous software characteristics that indicate malicious intent. This deep analysis is applied to new deployment packages, updates, patches, hot-fixes and open-source modules and is continuously monitored for the next supply chain attack.
Solution Insights
How to Rebuild Trust in the SDLC and Third-Party Software Supply Chain
With today’s software more reliant on third-party and open-source software, your software development lifecycle (SDLC) demands more checks to validate the integrity of your build, release and production software.
ReversingLabs integrates with the leading Python package repository, PyPI, to provide greater assurance that software packages distributed from its repository are free of malware.
ReversingLabs integrates with the leading software code management system, GitHub, to provide assurance to organizations that their private repositories used during the software development and release processes are free of malware.
ReversingLabs integrates with the leading JavaScript and Node.js package manager, npm, to provide greater assurance that the JavaScript packages and modules it distributes are free of malware.