Blog | ReversingLabs | AppSec & Supply Chain Security (2)

December 11, 2024

U.K. cybersecurity chief warns of gap between risks and defenses

The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.

December 10, 2024

AI-based fuzzing targets open-source LLM vulnerabilities

Google researchers have identified 26 vulnerabilities with OSS-Fuzz, but experts warn that AI fuzzing is not a panacea for AI/ML security.

December 4, 2024

Software liability gets real: 5 ways to get ahead of the EU's new directive

Here's what your organization needs to know about the Product Liability Directive — and how to avoid any slip-ups.

December 2, 2024

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

November 26, 2024

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

OWASP has updated its Top 10 list with key risk areas, and recently added an AppSec tooling guide for AI. Here's what they cover — and what they don't.

November 13, 2024

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and others recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

November 7, 2024

AppSec vs. product security: Secure by Design demands a strategy shift

Here's why and how to push your application security further into ProdSec — and what that means to achieving the goals of CISA's Secure by Design.

November 6, 2024

Downgrade attacks open patched systems to malware

Researcher Alon Leviev warns that the Microsoft Windows compromise posed risks that were structural — stretching well beyond the specific flaws.

November 5, 2024

SEC action raises the bar on software transparency

The firms have been fined for playing down the impact of the attack on SolarWinds. It’s part of a government push for greater transparency.

October 29, 2024

Connected car security: Software complexity creates bumps in the road

Here's what you need to know about connected cars security initiatives — and key lessons from software supply chain security's rough ride more broadly.

October 24, 2024

CISO Survival Guide: Commercial Software Supply Chain Risk

Spectra Assure delivers third-party software risk management (TPSRM), which enables ownership and methods to determine if third-party apps pose a risk.

October 23, 2024

Keep your secrets secret: 5 core tips — and a call to action on modernizing

A multilayered approach to prevent secrets exposure is good strategy — but it must include a final check on all software before it goes out the door.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (2)

U.K. cybersecurity chief warns of gap between risks and defenses

AI-based fuzzing targets open-source LLM vulnerabilities

Software liability gets real: 5 ways to get ahead of the EU's new directive

Why shift left alone can't manage your software risk

OWASP Top 10 for LLM adds risks: Get on target to secure your AI models

CISA's secure software deployment push: Key takeaways for AppSec teams

AppSec vs. product security: Secure by Design demands a strategy shift

Downgrade attacks open patched systems to malware

SEC action raises the bar on software transparency

Connected car security: Software complexity creates bumps in the road

CISO Survival Guide: Commercial Software Supply Chain Risk

Keep your secrets secret: 5 core tips — and a call to action on modernizing

Topics

Special Reports

The State of Software Supply Chain Security 2024

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (2)

Topics

Follow us

Subscribe

Special Reports