Blog | ReversingLabs | AppSec & Supply Chain Security (19)

March 1, 2023

3 reasons to upgrade your AppSec testing to tackle supply chain security

Modern software development practices are a primary target for software supply chain attacks. Here's why traditional application security tools alone are not enough to mitigate these new risks

February 28, 2023

SBOM Automation: The next big step in risk management

Why SBOM automation is the next big step in managing software supply chain risk.

February 27, 2023

Lessons learned from the CircleCI secrets breach

The CircleCI breach reveals a bigger story on secrets. Matt Rose and Chris Wilder discuss lessons learned.

February 23, 2023

Secrets Exposed: Why modern development, open source repos spill secrets en masse

The Circle CI breach and other hacks expose why the secrets problem is so prolific. Here's what you need to know about the state of secrets security.

February 23, 2023

How C-SCRM could fill the gaps on supply chain security

The new CISA office for Cyber Supply Chain Risk Management (C-SCRM) could make a difference with clear and consistent guidance for industry and government.

February 21, 2023

OSC&R targets software supply chain attacks

Here's what you need to know about OSC&R, along with expert insights on the new framework's potential to improve software supply chain security.

February 15, 2023

Less talk, more action: High hopes for CISA's new C-SCRM office

CISA's C-SCRM turns a page on a busy year for federal software supply chain security directives and guidance. Will it move the needle?

February 14, 2023

Software composition analysis and the evolution of application security

Here are key takeaways from The Software Composition Analysis Landscape, Q1 2023 report — and how app sec is evolving to adapt to supply chain threats

February 14, 2023

SCA is good, but AppSec must evolve to tackle software supply chain security

Software teams are facing growing supply chain complexity and threats. Here's why SCA should evolve beyond open source licensing and vulnerabilities.

February 14, 2023

The SCA tools landscape and what it means to software supply chain security

Forrester's Software Composition Analysis report provides a competitive analysis of SCA tools. Here's how they deliver on software supply chain security.

February 13, 2023

Why knowing the "ground truth" is key to software security

Software bills of materials (SBOMs) deliver a ground truth for software teams. Here's how they can protect their supply chains.

February 9, 2023

Open-source repository malware sows Havoc

Aabquerys is a malicious npm package discovered typosquatting on a legitimate npm module that downloads malicious components, ReversingLabs discovered.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (19)

3 reasons to upgrade your AppSec testing to tackle supply chain security

SBOM Automation: The next big step in risk management

Lessons learned from the CircleCI secrets breach

Secrets Exposed: Why modern development, open source repos spill secrets en masse

How C-SCRM could fill the gaps on supply chain security

OSC&R targets software supply chain attacks

Less talk, more action: High hopes for CISA's new C-SCRM office

Software composition analysis and the evolution of application security

SCA is good, but AppSec must evolve to tackle software supply chain security

The SCA tools landscape and what it means to software supply chain security

Why knowing the "ground truth" is key to software security

Open-source repository malware sows Havoc

Topics

Special Reports

The State of Software Supply Chain Security

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (19)

Topics

Follow us

Subscribe

Special Reports