DoD’s Software Fast Track (SWFT) program steps up supply chain risk management via procurement. Here's what you need to know.

Cut third-party software approval times from weeks to hours with automated risk analysis and SBOMs from ReversingLabs Spectra Assure.

Here’s how to achieve crypto-agility and secure your software supply chain with ReversingLabs Spectra Assure’s Cryptography Bills of Materials (CBOM).

Software procurement is risky business. Learn why outdated tooling doesn’t cut it — and how modern technologies can provide much-needed transparency.

Learn how Third-Party Software Risk Management (TPSRM) builds on TPRM and TPCRM to protect against supply chain attacks and software-based threats.

Agentic AI is a different animal for application security red teams. Here's are key takeaways from the Cloud Security Alliance's new guide.

EU steps up to fill gaps caused by problems with the NVD and CVE — at a time when software risks are on the rise. Here's what you need to know.

Triaging and patching, plus meeting compliance demands, all bog down modern software teams — and divert time away from development.

The software supply chain incident highlights how quickly threat actors can turn newly revealed vulnerabilities into widespread attacks.

Policy as Code is emerging as a key area of focus for application security teams in the age of cloud-native software development. But implementation can be daunting.

Software Supply Chain Security, Threat Intelligence, and Threat Analysis Solutions

Application security pros need to be ready to cope with security at the speed of code. Here's how to get a handle on modern software risk.

Here's how to integrate AI-specific risks into your existing security incident response (IR) playbook.

Scott Culp’s formulation still holds true — though some additions are needed that account for software supply chain security. 

Integrated security in AI assistants could help to catch code flaws — but they are only one layer in a comprehensive AppSec strategy.