Executive Order on Cybersecurity (EO 14028)

December 1, 2022

Log4j one year in: Vulnerability fuels attacks — and a new urgency for software supply chain security

One year ago, a vulnerability in Apache’s Log4j turned the security world on its ear. What has changed since then? Here are the key takeaways from Log4Shell's legacy.
October 31, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.
September 19, 2022

White House memo calls for software supply chain security, takes a step closer to mandating SBOMs

The new memorandum calls on firms selling software to the federal government to attest to its conformity with NIST security standards. Here's what you need to know.
September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
September 6, 2022

The SBOM is evolving: 4 key trends boosting software supply chain security

Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
May 12, 2022

Happy anniversary? An assessment of the Cybersecurity Executive Order one year on

One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand.
March 9, 2022

Interview: Tomislav Peričin Explains NIST’s New Secure Software Development Framework

ReversingLabs Chief Software Architect Tomislav Peričin examines NIST’s new Secure Software Development Framework.