RL Blog

10 tips for building an enterprise threat modeling program

The Threat Modeling Manifesto explains the how. Now teams must map out an actionable threat modeling program. Here are 10 key tips to get started.

The AI executive order: What AppSec teams need to know

While the new White House EO is largely focused on foundational AI, security teams reviewing AI initiatives are still in the hot seat.

ReversingLabs Launches Software Supply Chain Security Availability in AWS Marketplace

Streamlining Software Supply Chain Security: ReversingLabs Now Accessible via AWS Marketplace

Secure by Design: How legacy application security is holding it back

Ingrained development patterns and legacy testing tools are holdovers from a reactive era of AppSec. Here's how to move software security forward.

Don't let CVEs distract you: Shift your AppSec team's focus to malware

Rather than wasting cycles on non-exploitable or remediated security holes, teams should focus on exploitability, and look for compromises including malware and tampering. Here's why.

Protestware taps npm to call out wars in Ukraine, Gaza

ReversingLabs researchers have discovered npm packages that hide scripts broadcasting messages of peace related to the conflicts in Ukraine and in Israel and the Gaza Strip.

Zero trust and threat modeling: Is it time for AppSec to get on board?

Zero trust can benefit threat modeling, so why not extend it to your AppSec? Understand the key benefits and challenges.

8 CI/CD security best practices: Protect your software pipeline

Don't neutralize CI/CD business gains by failing to account for risk. Here are best practices to ensure that your software development pipeline is secure.

How supply chain security tools can protect ML models

SLSA and Sigstore are a good first step toward protecting ML models from attack. But they're not a panacea.

TitaniumCloud app for Splunk SOAR updated

Version 1.2.0 of ReversingLabs' TitaniumCloud v2 app for Splunk SOAR adds new actions for network reputation lookups.

5 best practices for securing your CI/CD with software bills of materials

SBOMs are essential — but making them useful in CI/CD environments is tricky. Here are 5 key best practices.

IAmReboot: Malicious NuGet packages exploit loophole in MSBuild integrations

ReversingLabs has highlighted threats in npm, PyPI and RubyGEMS in recent years. This finding shows NuGet is equally exposed to malicious activities by threat actors.

How mature is your open-source risk management? S2C2F helps map dependencies

The OpenSSF's Secure Supply Chain Consumption Framework can be used to better discover the risks of open-source components — but remediation is left for organizations to figure out later.

App sec prioritization is priority No. 1 for CISOs

Application security veterans Mark Curphey and John Viega went on a CISO listening tour. Here's what they learned.

GitHub boosts secrets scanning: A necessary step, but supply chain security is key to managing risk

Extending validity checks is welcome, but secrets risk is bigger than that — and requires a holistic supply chain security approach.

Why RL Built Spectra Assure Community

We set out to help dev and AppSec teams secure the village: OSS dependencies, malware, more. Learn how.
