Blog | ReversingLabs | AppSec & Supply Chain Security (22)

December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.

November 23, 2022

GitHub repojacking attack: 10 lessons for software teams

Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.

November 17, 2022

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

This week: software security and international relations collide as one tech company falsely brands itself as a U.S. software supplier. Also: a Canadian supermarket chain has been hit with a ransomware attack.

November 10, 2022

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

This week: Former Uber CSO is convicted for his attempted cover-up of a 2016 hack of the company. Also: A software supply chain attack has pushed out malware to at least 250 media sites.

November 8, 2022

Forrester Security & Risk Forum: Go beyond the software bill of materials

At the Forrester Security & Risk Forum, ReversingLabs Field CISO Matt Rose presents about what an SBOM provides — and how it can be put to good use.

November 7, 2022

5 reasons why you need an SaaSBOM

Here's why your organization should consider a SaaSBOM, as well as the essential challenges facing their implementation.

November 2, 2022

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

Security operations centers (SOCs) and developers need to share the responsibility for securing the software supply chain. Find out why in ReversingLabs' latest report.

October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.

October 26, 2022

Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity

Are you ready to dip into this tasty repo for better software security?

October 25, 2022

The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security

Modern software supply chain security depends on getting your tools right, and focusing on the end-to-end software development lifecycle. Here's what you need to maintain your software development and release and stay secure.

October 24, 2022

SBOMs are critical to software supply chain security — but only the first step in your journey

SBOMs are key to software supply chain security. But they are also only the first step on your software supply chain journey. Here's what you need to know.

October 20, 2022

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

This week: Critical infrastructure sectors such as education and aviation are being targeted by cybercriminals. Also: software supply chain attacks have increased by 742% in the past 3 years.

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security (22)

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

GitHub repojacking attack: 10 lessons for software teams

The Week in Security: Disguised Russian software used in U.S. Army, CDC applications

The Week in Security: Former Uber CSO convicted over hack cover-up, supply chain attack targets media

Forrester Security & Risk Forum: Go beyond the software bill of materials

5 reasons why you need an SaaSBOM

Special report: End-to-end supply chain security demands dev and SOC teams shift left together

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

Google pairs GUAC with SLSA to take a bite out of software supply chain insecurity

The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security

SBOMs are critical to software supply chain security — but only the first step in your journey

The Week in Security: Attacks on critical infrastructure and the software supply chain take off

Topics

Special Reports

The State of Software Supply Chain Security

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security (22)

Topics

Follow us

Subscribe

Special Reports