Blog | ReversingLabs | AppSec & Supply Chain Security

AppSec & Supply Chain Security

April 9, 2025

Vibe coding: What automating development means for AppSec

Between AI coding and "vibe coding" – prompt engineering AI coding – AppSec is going to be challenging. Here's what you need to know.

April 8, 2025

The race to secure the AI/ML supply chain is on — get out front

Supply chain risks from artificial intelligence (AI) and machine learning (ML) are getting real. Here are key insights from RL’s new report.

April 2, 2025

CVEs lose relevance: Get proactive — and think beyond vulnerabilities

More cracks in the NVD emerge, making the CVE system less useful. Shift your approach to keep up with software risk.

April 1, 2025

OpenSSF guidelines encourage OSS developers to build securely

The Open Source Secure Baseline provides a framework for securing OSS development — but it could breed complacency. Here's what you need to know.

March 27, 2025

AI coding tools weaponized: What your AppSec team needs to know

The "Rules File Backdoor" attack method is pernicious — and one that can be easily exploited with the rise of "vibe coding" and agentic AI.

March 25, 2025

Crypto malware attacks: 23 supply chain incidents set off alarms

Target on back-alert: Open source was increasingly exploited in attacks on cryptocurrency infrastructure and apps in 2024.

March 20, 2025

CISO survey: 6 lessons to boost third-party cyber-risk management

Risk is rising across the software supply chain while visibility remains low, making TPCRM challenging. Here's what you need to know.

March 19, 2025

Less malware, more risk: The changing face of open-source security

Instances of malware on open-source software repositories dropped in 2024 — but OSS risk is on the rise. Here’s what you need to know.

March 18, 2025

EPSS is not foolproof: Shift your AppSec beyond vulnerabilities

The Exploit Prediction Scoring System is useful, but limited. Here's why your application security strategy needs an upgrade.

March 13, 2025

OWASP supply chain security cheat sheet: 5 key action items

The complexity of today's software development makes supply chain security essential. This new cheat sheet is a great place to start.

March 12, 2025

Hidden threats lurk in commercial software: How to manage risk

While open-source software risks are not going away, attack trends show third-party software presents the greatest risk to the enterprise.

March 11, 2025

Generative AI software development boosts productivity — and risk

The promise of higher development output is prompting rapid adoption of AI coding tools, but AppSec teams are in the hot seat with rising risk. Buckle up!

Software Supply Chain Security

File Security

Security Operations

Products

Technology

Partners

Alliances

Resources

Company

Events

Press

AppSec & Supply Chain Security

Vibe coding: What automating development means for AppSec

The race to secure the AI/ML supply chain is on — get out front

CVEs lose relevance: Get proactive — and think beyond vulnerabilities

OpenSSF guidelines encourage OSS developers to build securely

AI coding tools weaponized: What your AppSec team needs to know

Crypto malware attacks: 23 supply chain incidents set off alarms

CISO survey: 6 lessons to boost third-party cyber-risk management

Less malware, more risk: The changing face of open-source security

EPSS is not foolproof: Shift your AppSec beyond vulnerabilities

OWASP supply chain security cheat sheet: 5 key action items

Hidden threats lurk in commercial software: How to manage risk

Generative AI software development boosts productivity — and risk

Topics

Special Reports

The 2025 Software Supply Chain Security Report

Upcoming Webinars

ConversingLabs

AppSec & Supply Chain Security

Topics

Follow us

Subscribe

Special Reports