SAST, DAST & SCA failed to detect the SolarWinds & 3CX attacks. Learn the limitations that legacy #AppSec tools present in our new white paper: bit.ly/3yEUpcG #SoftwareSupplyChainSecurity

In an article I wrote for Network Computing, I argue that software-producing & consuming organizations need to have access to mature #malware intel, complex binary analysis & reproducible builds to detect all kinds of software supply chain attacks. networkcomputing.com/network-manage…

Thank you ReversingLabs 🫶🏻

#NoodRAT, also known as #NoodleRAT and #ANGRYREBEL, is a #backdoor used by Chinese-speaking groups in targeted cybercrime and espionage attacks since 2022. Don't become a victim, deploy our public #YARArules. bit.ly/3x34FdW

Here's what you need to know about why the #Log4j flaw, #Log4Shell, remains a threat — and how to protect your organization with a modern #SoftwareSupplyChainSecurity approach. Ft. insights from Knox, Michael Skelton & Saša Zdjelar. bit.ly/474e82l

"Apple has told us that Macs don't get malware. The reality is that's definitely changing." — Patrick Wardle at Black Hat 2024 (Black Hat). Watch his full interview on his book The Art of Mac Malware with ReversingLabs: youtube.com/watch?v=L5HtDy…

With #AI & the shift from the perimeter to the #softwaresupplychain as a primary attack vector, are #cybersecurity certifications still relevant? Here's what top experts say, ft. Knox, Sajeeb Lohani (prodigysml / sml555) & more. bit.ly/3yOHZ2i

It’s essential for today’s security leaders to understand the threats posed to commercial software. Start with Software Supply Chain Security for Dummies: bit.ly/3WHQc1c #SoftwareSupplyChainSecurity #ForDummies

🎙️🎧 Looking for a podcast to listen to this weekend? Check out the newest episode of The Cyber Ranch Podcast, where RL's Saša Zdjelar talks #SoftwareSupplyChainSecurity. Listen here, or wherever you get your podcasts: bit.ly/3MsjWco

Thank you to our Advocate Sponsor, ReversingLabs

Primary code repositories are a godsend for software #developers, but offer easy access for threat actors to deliver #malware. ReversingLabs Tomislav Pericin explains in this CSOonline article how frequently the malicious packages are popping up. csoonline.com/article/348774… #forgepointfamily

The Exploit Prediction Scoring System (#EPSS) performs better than #CISA's KEV & #CVSS scores for vulnerabilities in the wild — but experts say combining all three works best 👇 bit.ly/3Z91lJY

⏰ Happening in 1 week: Join this live discussion on RL's new how-to book, Software Supply Chain Security for Dummies 📚 ➡️ bit.ly/46JeISW #SoftwareSupplyChainSecurity #Cybersecurity #AppSec

Enterprises purchasing commercial software need direct, verifiable evidence of #SoftwareSupplyChainSecurity. Here's why your organization needs to trust, but verify in the context of Secure by Demand 👇 bit.ly/3ZaF3HK

The RL Spectra Assure SAFE Report brings readily digestible visibility to software supply chain threats & facilitates collaboration for effective risk management. Learn how: bit.ly/4dNiRrK #CyberRisk #SoftwareSupplyChainSecurity #Cybersecurity

In a recent IT GRC Forum expert panel, leaders discussed how enterprises can get back to basics & put SBOMs to work for better software supply chain security. Here are the takeaways: bit.ly/3MGgds1 Ft. insights from Charlie Jones, Paul Asadoorian @[email protected] & more.