Blog | ReversingLabs | Ericka Chickowski (2)

Where GenAI intersects with threat modeling: 3 key benefits for AppSec

April 17, 2024

Where GenAI intersects with threat modeling: 3 key benefits for AppSec

Generative AI can ease the burdens of threat modeling — and speed it up. But it's not a panacea. Here's what security teams can realistically expect.

When GenAI and low-code collide: What could go wrong for AppSec?

April 9, 2024

When GenAI and low-code collide: What could go wrong for AppSec?

Here's why the duo is a perfect storm, key considerations — and expert advice on how engineering and application security teams can tackle the problem.

7 ways to put your code on a diet — and improve AppSec in the process

March 20, 2024

7 ways to put your code on a diet — and improve AppSec in the process

Code bloat is at the root of many security problems. Here's how development teams can bolster application security with more efficient code.

4 ways hero culture is killing your security program's effectiveness

February 21, 2024

4 ways hero culture is killing your security program's effectiveness

Learn why hero culture is a problem — and how companies and the industry can avoid its negative effects and develop more resilient security operations.

Evolution of AppSec: 4 requirements for the software supply chain security era

January 11, 2024

Evolution of AppSec: 4 requirements for the software supply chain security era

AppSec must make a giant leap forward to modern practices and tooling in order to tackle the new era of software supply chain attacks. Here are four steps.

Developers behaving badly: Why holistic AppSec is key

December 7, 2023

Developers behaving badly: Why holistic AppSec is key

Mature organizations recognize they need to mature their AppSec to keep pace with modern development. Here's why a more holistic AppSec approach is key.

November 22, 2023

Secure by Design: How legacy application security is holding it back

Ingrained development patterns and legacy testing tools are holdovers from a reactive era of AppSec. Here's how how to move software security forward.

8 CI/CD security best practices: Protect your software pipeline

November 14, 2023

8 CI/CD security best practices: Protect your software pipeline

Here are eight best practices for hardening CI/CD build environments and baking security into the software pipeline.

App sec prioritization is priority No. 1 for CISOs

October 25, 2023

App sec prioritization is priority No. 1 for CISOs

Application security veterans Mark Curphey and John Viega went on a CISO listening tour. Here is what they learned.

Threat modeling and the supply chain: An essential tool for managing SDLC risk

September 21, 2023

Threat modeling and the supply chain: An essential tool for managing SDLC risk

Here's what your team needs to understand about threat modeling and software supply chain security — a critical mapping of risk.

Supply chain security: Is technical debt weighing your team down?

August 23, 2023

Supply chain security: Is technical debt weighing your team down?

Vulnerability management and piecemeal app sec testing are like paying the interest only on mounting security technical debt. Where do you stand?

Risk modeling model exposes supply chain's 'hiddenness of knowledge'

August 21, 2023

Risk modeling model exposes supply chain's 'hiddenness of knowledge'

GUAC-ALYTICs will model risk across open source software supply chain interdependencies using a new algorithmic engine. Here's what you need to know.

‹ previous next ›