Blog | ReversingLabs (8)

July 17, 2024

How RL Spectra Assure Analyzes Reproducible Builds to Find Compromises

Early detection of software build tampering is key. Here's how RL's software supply chain security platform delivers this critical pre-release check.

July 16, 2024

AppSec alert fatigue: 4 ways to reduce burnout — and boost security

Tool sprawl is making alert fatigue a major problem for teams responsible for application security. Here are four ways to combat it in your organization.

July 11, 2024

Malicious NuGet campaign uses homoglyphs and IL weaving to fool devs

Malware authors upped their game, using homoglyphs to impersonate a protected NuGet prefix and IL weaving to inject malicious code, RL researchers found.

July 10, 2024

The state of DevSecOps: Why upgrading your AppSec tooling is essential

Here's what's holding DevSecOps back — and why modernizing your application security tooling is critical in the software supply chain security era.

July 9, 2024

New Gartner® Report Introduces Three Pillars to Strengthen Software Supply Chain Security

In a new report, Gartner® is redefining software supply chain security and calling on enterprises to make some big changes.

June 28, 2024

The Polyfill.io vulnerability: Software supply chain attack lessons

The compromise of the widely used Pollyfill.io CDN contains important lessons for organizations on trust.

June 27, 2024

OASIS Open's push for a software supply chain standard: All together now?

The aim is to build a unifying framework for existing SBOM data models, including CSAF, CycloneDX, OpenVEX, and SPDX. Experts weigh in with key insights.

June 26, 2024

Malicious npm package targets AWS users

The package's history is a lesson in why tracking open source threats is such a challenge — and highlights the value of RL's new Spectra Assure Community.

June 26, 2024

New Portal Helps Devs Spot Malicious Open Source Packages

RL's Spectra Assure Community offers free comprehensive risk assessment of more than 5 million npm, PyPi, and RubyGems packages.

June 25, 2024

How platform engineering helps you get a good start on Secure by Design

Self-service portals for developers can help organizations overcome challenges to getting off and running with CISA's software security initiative.

June 25, 2024

The Power of Complex Binary Analysis

RL Spectra Assure’s complex binary static analysis delivers critical visibility into software to flag malware and threats, closing the supply chain security gap.

June 20, 2024

How to secure mergers & acquisitions from software supply chain attacks

When engaging in M&A, acquiring firms often inherit a software stack that presents security concerns. Here’s how you can effectively manage these risks.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

How RL Spectra Assure Analyzes Reproducible Builds to Find Compromises

AppSec alert fatigue: 4 ways to reduce burnout — and boost security

Malicious NuGet campaign uses homoglyphs and IL weaving to fool devs

The state of DevSecOps: Why upgrading your AppSec tooling is essential

New Gartner® Report Introduces Three Pillars to Strengthen Software Supply Chain Security

The Polyfill.io vulnerability: Software supply chain attack lessons

OASIS Open's push for a software supply chain standard: All together now?

Malicious npm package targets AWS users

New Portal Helps Devs Spot Malicious Open Source Packages

How platform engineering helps you get a good start on Secure by Design

The Power of Complex Binary Analysis

How to secure mergers & acquisitions from software supply chain attacks

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

Topics

Follow us

Subscribe

Special Reports