Develop Secure Software logo

Paul Roberts

Paul Roberts
Content Lead at ReversingLabs. Paul is a reporter, editor and industry analyst with 20 years’ experience covering the cybersecurity space. He is the founder and editor in chief at The Security Ledger, a cybersecurity news website. His writing about cyber security has appeared in publications including Forbes, The Christian Science Monitor, MIT Technology Review, The Economist Intelligence Unit, CIO Magazine, ZDNet and Fortune Small Business. He has appeared on NPR’s Marketplace Tech Report, KPCC AirTalk, Fox News Tech Take, Al Jazeera and The Oprah Show.

Recent Posts from Paul Roberts

XZ Trojan highlights supply chain risk from 'sock puppets'
April 11, 2024

XZ Trojan highlights supply chain risk from 'sock puppets'

There is no fool-proof method to identify phony developer accounts — but there are telltale signs. Threat researchers share three key indicators. 
Read More
Secrets Exposed: How to mitigate risk from secrets leaks — and prevent future breaches
March 21, 2023

Secrets Exposed: How to mitigate risk from secrets leaks — and prevent future breaches

Software secrets are targeted by malicious actors. Here are three key steps to mitigate risk — and best practices you can take to prevent future breaches.
Read More
Secrets Exposed: How hackers are gaining access to software secrets
March 14, 2023

Secrets Exposed: How hackers are gaining access to software secrets

Here’s how attackers are finding software development secrets buried in code repositories — and exploiting them. 
Read More
Secrets Exposed: Why modern development, open source repositories spill secrets en masse
February 23, 2023

Secrets Exposed: Why modern development, open source repositories spill secrets en masse

The Circle CI breach and other recent hacks expose why the secrets problem is so prolific. Learn the why in this first post in our Secrets Revealed series.
Read More
National Cyber Director: Higher bar for software supply chain security is key to cyber resilience
November 1, 2022

National Cyber Director: Higher bar for software supply chain security is key to cyber resilience

National Cyber Director Chris Inglis said the government is setting a new bar for supply chain security as the focus shifts from response to resilience.
Read More
Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world
September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
Read More

SUBSCRIBE

Subscribe to the develop.secure.software newsletter to stay up to speed, learn best practices and more.