Blog | ReversingLabs | AppSec & Supply Chain Security (2)

AppSec & Supply Chain Security (2)

Go beyond vulnerabilities for your AppSec: Here's why it's essential

February 25, 2025

Go beyond vulnerabilities for your AppSec: Here's why it's essential

The rise of supply chain attacks means organizations must look beyond vulnerability mitigation alone. Here's how you can modernizing your AppSec.

8 key software security fails to avoid

February 19, 2025

8 key software security fails to avoid

Security best practices can help, but it’s the bad practices that will expose you to software risk. Here are the worst practices to avoid at all cost.

What developers think about application security might surprise you

February 13, 2025

What developers think about application security might surprise you

Software security is front of mind for many. What developers have to say is critical. Here are four key takeaways from a survey of engineers about AppSec.

CISA cybersecurity performance goals: 7 action items to boost your AppSec

February 11, 2025

CISA cybersecurity performance goals: 7 action items to boost your AppSec

he agency's new IT Sector-Specific Goals (SSGs) for application security aim to keep Secure by Design going strong. Here are key action items.

Secure by Design and Secure by Default: You need both to boost AppSec

February 4, 2025

Secure by Design and Secure by Default: You need both to boost AppSec

When it comes to these two security approaches advanced by CISA for locking down your application security, it's not an either/or proposition. Here's why.

Get real about container security: 4 essential practices to manage risk

February 4, 2025

Get real about container security: 4 essential practices to manage risk

Here are key practices you must implement to protect container workloads — and new controls needed for all software — in the age of supply chain security.

OWASP tackles AI security with new NHI Top 10: What you need to know

January 29, 2025

OWASP tackles AI security with new NHI Top 10: What you need to know

Identity management is key for security, but AI is bringing non-humans into the mix. The new OWASP list calls attention to this. Here are top takeaways.

AI is a double-edged sword: Why you need new controls to manage risk

January 28, 2025

AI is a double-edged sword: Why you need new controls to manage risk

AI can improve cybersecurity outcomes, but it also represents an entirely new threat. Upgrade your security strategy — and tooling — for the AI age.

BSIMM15 shines light on compliance and AI security — but updating tooling is key

January 23, 2025

BSIMM15 shines light on compliance and AI security — but updating tooling is key

The BSIMM highlights traditional AppSec practices — but they are no match for modern supply chain attacks and AI/ML. Here's what you need to know.

Going beyond 'shift left': Why shared responsibility is key to risk management

January 15, 2025

Going beyond 'shift left': Why shared responsibility is key to risk management

AppSec experts and software risk managers say organizations must move beyond shift left. Here's why — and how to make that happen.

Census III study spotlights ongoing open-source software security challenges

January 8, 2025

Census III study spotlights ongoing open-source software security challenges

The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.

SEC cybersecurity disclosures and lessons to be learned: A timeline

December 24, 2024

SEC cybersecurity disclosures and lessons to be learned: A timeline

Here’s what the 2024 8-K security-incident filings are all about, lessons to be learned — and the bigger picture for cybersecurity.

‹ previous next ›