Blog | ReversingLabs | John P. Mello Jr.

December 11, 2024

U.K. cybersecurity chief warns of gap between risks and defenses

The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

November 26, 2024

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

November 13, 2024

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and others recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

October 31, 2024

NIST's NICE: 3 ways to adapt the hiring framework for modern threats

NICE is designed to help leaders build better cybersecurity teams. Here's how to put it to work in the software supply chain security era.

October 22, 2024

OWASP's Dependency-Track tool update: Key changes — and limitations

Here are key highlights of the changes — and what you need to know about managing risk from your software, whether you build it or buy it.

October 15, 2024

AI and cybersecurity: Modernize your SecOps to tackle today's threats

Here are highlights from Caleb Sima's recent BSides and RVAsec talks — and expert insights on how AI can help deal with today's threats head-on.

October 2, 2024

The best cybersecurity certifications to level up your skills

With the threat landscape shifting, choosing the right certifications can boost a cybersecurity pro's market value. Here's what you need to know.

September 24, 2024

Modernize your chaos engineering with commercial software transparency

By leveraging modern supply chain security, you can develop better chaos engineering with deeper visibility into all software. Here are key considerations.

September 17, 2024

Go beyond the checkbox: How software bills of materials can manage risk

SBOMs are a good start toward software supply chain security but additional tooling needed to make them effective, experts say.

September 5, 2024

Supply chain risk makes software stack visibility essential

Get back to basics and put your SBOMs to work for better software security, IT GRC Forum expert panel advises organizations. Here are key takeaways.

August 22, 2024

With quantum coming, NIST readies new software supply chain protection

Federal Information Processing Standard (FIPS) standards are aimed at bolstering key components such as public-key algorithms. Here's a full run-down.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

John P. Mello Jr.

Recent Posts from John P. Mello Jr.

U.K. cybersecurity chief warns of gap between risks and defenses

AI-based fuzzing targets open-source LLM vulnerabilities

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

CISA's secure software deployment push: Key takeaways for AppSec teams

NIST's NICE: 3 ways to adapt the hiring framework for modern threats

OWASP's Dependency-Track tool update: Key changes — and limitations

AI and cybersecurity: Modernize your SecOps to tackle today's threats

The best cybersecurity certifications to level up your skills

Modernize your chaos engineering with commercial software transparency

Go beyond the checkbox: How software bills of materials can manage risk

Supply chain risk makes software stack visibility essential

With quantum coming, NIST readies new software supply chain protection

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

John P. Mello Jr.

Recent Posts from John P. Mello Jr.

Topics

Follow us

Subscribe

Special Reports