Mend.io Launches AppSec Risk Assessment Program to Aid Understanding and Prioritization of Application Risk

Free Service Provides In-Depth Application Scanning, Expert Consultation, and Actionable Remediation Advice

TEL AVIV, Israel and BOSTON, June 13, 2023 — Mend.io, a leader in application security, today announced the launch of a new AppSec Risk Assessment program to help organizations understand and prioritize their application risk.

The AppSec Risk Assessment Program pairs organizations with a Mend.io cybersecurity expert who will scan their applications, evaluate their risk, and provide prioritized remediation advice based on the most serious sources of risk present in their applications.

“Application risk is multiplying on a number of fronts, and it can be difficult for organizations to evaluate which sources of risk they should be addressing first, or which should concern them the most during the development process,” said Sam Quakenbush, senior director of field innovation and strategy at Mend.io. In fact, the Mend Open Source Risk Report shows 33 percent growth in the number of open-source software vulnerabilities in the Mend.io vulnerability database from 2021 to 2022.

Continued Quakenbush, “Our AppSec Risk Assessment program is all about helping organizations quantify and prioritize the risks that already exist in their applications.”

Leveraging Mend.io’s SAST (static application security testing), SCA (software composition analysis), Supply Chain Defender, and Renovate technologies, the assessment evaluates risks such as:

  • Open-source vulnerabilities (CVEs), including critical vulnerabilities
  • Custom code weaknesses
  • Out-of-date dependencies, including components that are more than three versions out-of-date
  • Malicious packages/open-source malware, an emerging area of risk with serious potential for exfiltration of confidential data
  • Open-source licensing issues that could present costly legal risks

About Mend.io

Mend.io offers the first AI-native application security platform, empowering organizations to build and run a proactive AppSec program tuned for AI-powered development. The unified platform secures AI-generated code and embedded AI components, drives risk reduction through AI-powered remediation, automates compliance, and provides a holistic, enterprise-scale view of risks and clear actions for developers across your entire codebase.