In this episode of the Future of Application Security, Harshil speaks with Dave Ferguson, Director of Technical Product Management, Software Supply Chain Security at ReversingLabs, which offers software supply chain security analysis platform. They discuss the rising need for software supply chain security as a result of the complexities around how software is built today. They also talk about ways to identify novel attacks through analyzing software behaviors, how efforts like SBOMs and registries help increase transparency, and why software supply chain security needs to evolve from just looking for vulnerabilities.
Topics discussed:
- How Dave's diverse background in security, as well as his piqued interest around the SolarWinds and 3CX attacks, led to his focus on software supply chain security today.
- How a product manager leads by working with development teams, meeting with customers, incorporating new features and integrations, and helping bring new solutions to market.
- How the complexities associated with building software today — like open source and automation — have increased the possibility of adversaries slipping in.
- Why analyzing software behavior across previous builds and seeing what's changed can help flag novel attacks.
- Today's trends that are increasing transparency in software creation, including the rising demand for SBOMs and the possibility of trust registries for commercial software.
- Why software supply chain security approaches need to move beyond just looking at vulnerabilities to find ways to root out all malicious activity.
RELATED RESOURCE:
Today, most application security tools are designed to find vulnerabilities, not fix them. What is noise and what is risk? And, more importantly, how do you accelerate the remediation of the most critical vulnerabilities? The answer lies within one key metric — Mean Time to Remediate (MTTR).
Taking a better strategy to decrease your MTTR and keep your organization safe can begin today — download the paper to learn how.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Dateline NBC
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations. Follow now to get the latest episodes of Dateline NBC completely free, or subscribe to Dateline Premium for ad-free listening and exclusive bonus content: DatelinePremium.com
The Male Room with Dr. Jesse Mills
As Director of The Men’s Clinic at UCLA, Dr. Jesse Mills has spent his career helping men understand their bodies, their hormones, and their health. Now he’s bringing that expertise to The Male Room — a podcast where data-driven medicine meets common sense. Each episode separates fact from hype, science from snake oil, and gives men the tools to live longer, stronger, and happier lives. With candor, humor, and real-world experience from the exam room and the operating room, Dr. Mills breaks down the latest health headlines, dissects trends, and explains what actually works — and what doesn’t. Smart, straightforward, and entertaining, The Male Room is the show that helps men take charge of their health without the jargon.