Blog | ReversingLabs | AppSec & Supply Chain Security (10)

October 24, 2023

GitHub boosts secrets scanning: A necessary step, but supply chain security is key to managing risk

GitHub extending validity checks to AWS, Slack etc. is welcome, but the risk posed by secrets leaks requires a holistic supply chain security approach.

October 12, 2023

The evolution of AppSec: Getting off the hamster wheel remains elusive

Experts say scan-and-fix will remain for some time. But application security tools are evolving to provide prioritization and automation.

October 10, 2023

5 ways APIs can be the weak link in supply chain security

Here's why application programming interface security is critical to supply chain security — and the key advances needed to move API security forward.

October 2, 2023

NIST supply chain security guidance for CI/CD environments: What you need to know

While NIST's guidelines for supply chain security in CI/CD environments are welcomed, putting them into practice may be challenging for some organizations.

September 26, 2023

EPSS vs. CVSS: Exploit prediction could move the needle on software risk

EPSS vs CVSS: Will the Exploit Prediction Scoring System improve application security now — and software supply chain security in the future?

September 21, 2023

Threat modeling and the supply chain: An essential tool for managing SDLC risk

Here's what your team needs to understand about threat modeling and software supply chain security — a critical mapping of risk.

September 20, 2023

The art of security chaos engineering

What if dev and app sec teams showed the same nimbleness and ruthless efficiency as cybercriminals? Fastly's Kelly Shortridge explains why it's essential.

September 13, 2023

IoT and the supply chain: The road to securing devices

In this episode of ConversingLabs, NetRise CEO Thomas Pace talks about supply chain threats to the Internet of Things (IoT).

September 7, 2023

20 application security pros you should follow

These leading app sec experts provide a steady of flow of security knowledge to keep you up to speed.

September 6, 2023

Lemons and liability: How security warranties could tame the software market

In this ConversingLabs, Daniel Woods shares insights from his research on software warranties, and how shifting liability to producers could define the market.

September 5, 2023

Threat research roundup: Lessons learned from recent PyPI and npm supply chain attacks

RL threat researchers have discovered multiple malicious campaigns on open repositories recently. Join the Webinar to discuss key takeaways.

August 31, 2023

VMConnect supply chain attack continues, evidence points to North Korea

ReversingLabs researchers discovered more packages that are part of the previously identified VMConnect campaign, and evidence linking the campaign to North Korean threat actors.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (10)

GitHub boosts secrets scanning: A necessary step, but supply chain security is key to managing risk

The evolution of AppSec: Getting off the hamster wheel remains elusive

5 ways APIs can be the weak link in supply chain security

NIST supply chain security guidance for CI/CD environments: What you need to know

EPSS vs. CVSS: Exploit prediction could move the needle on software risk

Threat modeling and the supply chain: An essential tool for managing SDLC risk

The art of security chaos engineering

IoT and the supply chain: The road to securing devices

20 application security pros you should follow

Lemons and liability: How security warranties could tame the software market

Threat research roundup: Lessons learned from recent PyPI and npm supply chain attacks

VMConnect supply chain attack continues, evidence points to North Korea

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (10)

Topics

Follow us

Subscribe

Special Reports