Blog | ReversingLabs | AppSec & Supply Chain Security

November 19, 2024

Why shift left alone can't manage your software risk

The state of application security was on the agenda at the Elephant in AppSec Conference. One clear takeaway: Modern threats demand an all-in approach.

November 14, 2024

OWASP Top 10 for LLM and new tooling guidance targets GenAl security

Here's what your team needs to know about the new OWASP Top 10 for LLM and tooling guide — and its limitations in securing AI in your organization.

November 13, 2024

CISA's secure software deployment push: Key takeaways for AppSec teams

To avoid the next CrowdStrike fiasco, CISA and others recommend embracing safe deployment practices earlier in the SDLC. Here's what you need to know.

November 7, 2024

AppSec vs. product security: Secure by Design demands a strategy shift

Here's why and how to push your application security further into ProdSec — and what that means to achieving the goals of CISA's Secure by Design.

November 6, 2024

Downgrade attacks open patched systems to malware

Researcher Alon Leviev warns that the Microsoft Windows compromise posed risks that were structural — stretching well beyond the specific flaws.

November 5, 2024

SEC action raises the bar on software transparency

The firms have been fined for playing down the impact of the attack on SolarWinds. It’s part of a government push for greater transparency.

October 29, 2024

Connected car security: Software complexity creates bumps in the road

Here's what you need to know about connected cars security initiatives — and key lessons from software supply chain security's rough ride more broadly.

October 24, 2024

CISO Survival Guide: Commercial Software Supply Chain Risk

Spectra Assure delivers third-party software risk management (TPSRM), which enables ownership and methods to determine if third-party apps pose a risk.