The Circle CI breach made secrets security front of mind. Now AI and low-code are introducing more risk. Here are key takeaways for managing secrets risk.
Here's why the duo is a perfect storm, key considerations — and expert advice on how engineering and application security teams can tackle the problem.
Two newly discovered extensions on the VS Code Marketplace are designed to steal sensitive information, showing that open source attacks are expanding.
Software complexity is growing, making software bills of material a necessity. But SBOMs must be actionable to manage risk. Here's how to put them to work.
Software tampering and social engineering were used in a months-long campaign to plant malicious code in major Linux distributions. Here's what we know.
Understand the state of software supply chain security with key takeaways from recent research and surveys of application security and development pros.
Memory safety is one of the most stubborn and dangerous software weaknesses. Here are key insights and takeaways from a new Google report on the issue.
Here’s what we know about the government's new software attestation form — and what needs to change to better manage modern software supply chain risk.
Get the best of RL Blog delivered to your in-box weekly to stay up to date on key trends, analysis and best practices across threat intelligence and software supply chain security.
