ReversingLabs @ RSA 2023 | See You There!
04/20/2023
In this episode, Matt gives a quick overview of what the ReversingLabs team will be up to and tips to prepare for the 2023 RSA Conference.
Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.
Watch Episode
SSCS Use Cases Are Growing
04/13/2023
In this episode, Matt quantifies the various use cases surrounding software supply chain security (SSCS): Home-grown apps, third-party risk management (TPRM), mergers and acquisitions, and cybersecurity insurance.
Full-Coverage Supply Chain Security Explained
04/06/2023
In this episode, Matt lists and explains the various areas of the software supply chain that need to be covered with a modern security solution. He points out that just looking at the build system or open source software alone for threats will not provide full software supply chain security (SSCS) coverage.
How to Define Software Supply Chain Security
03/30/2023
In this episode of ReversingGlass, Matt defines software supply chain security by pointing out the different links that the chain comprises. Each link covers different threats, but each is connected to the creation of a complete software artifact, making comprehensive coverage of the software supply chain a must.
Get Smart With Your Software Supply Chain Security
03/23/2023
In this episode, Matt specifies what “good” software supply chain security (SSCS) looks like. By pointing out all of the pieces to the complex puzzle that is SSCS, Matt showcases that you need an SSCS solution that is comprehensive enough to cover all of these parts, but is smart enough to best serve busy development and SOC teams.
The DNA of Software Supply Chain Security
03/16/2023
In this episode of ReversingGlass, Matt visually explains the components and processes of a software supply chain, from the development process all the way to the continuous delivery of a software package. He then points out the various opportunities attackers can take to compromise a supply chain.
A Brief History of App Sec: Why Software Supply Chain Security Is Now
03/02/2023
In this week’s ReversingGlass episode, Matt explores the history of application security — and why software supply chain security is where app sec is now, driven by the speed and complexity of modern software development.
C-SCRM: Much-needed definition for supply chain policy, processes
In this episode, Matt shares why CISA's new Cyber Supply Chain Risk Management (C-SCRM) office — which will help to operationalize both industry and government efforts on software supply chain security — is key to maturity.
ReversingLabs vs. VirusTotal: A comparison of capabilities
In this episode, Matt draws a visual comparison of ReversingLabs and VirusTotal by assessing the services’ capabilities, such as primary malware research, verified file classification, and more.
SCA Is Good. SSCS Is Better.
02/09/2023
In this lesson, Matt refers to The Software Composition Analysis Landscape, Q1 2023 report from Forrester and makes the point that Software Composition Analysis does not equal Software Supply Chain Security.
