Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Modern AppSec Programs Run on Automation
Learn how modern Application Security Programs leverage automation to combat cyber threats, improve efficiency, and reduce costs.
Top Three User Priorities for Software Composition Analysis
Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.
Advisory: New OpenSSL Critical Security Vulnerability
Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.
A Rash of Recent CVEs in Go
Discover the recent CVEs affecting Go programming language and their impact on popular applications like Docker and Kubernetes.
Six Golden Rules for Software and Application Security
Learn the six golden rules for software and application security.. Stay safe during Cybersecurity Awareness Month 2022!
Three Big Myths About Application Testing With SAST Tools
Discover the truth about Application Testing with SAST. Learn about common myths, integration, and reducing false positives for security.
A Brief Guide to Cloud-Native Applications, Technology, and Security
A comprehensive guide to cloud-native applications, technology, and security. Learn about containers, microservices, CI/CD, and more.
Six Steps to Achieve Zero Trust in Application Security
Discover six key steps to achieve zero trust in application security. Learn how to protect your organization from cyberattacks.
Single Author Uploaded 168 Packages to npm as Part of a Massive Dependency Confusion Attack
Discover how a single author uploaded 168 malicious npm packages in a dependency confusion attack. Learn how Mend blocked these threats.
Cloud Security Architecture: A Practical Guide
Learn about Cloud Security Architecture. Understand the importance, core principles, and threats to secure your cloud environment effectively.
From WhiteSource to Mend—A Rebrand Journey
From WhiteSource to Mend—A Rebrand Journey. Follow our evolution from open source to all code application security.
WhiteSource is Now Mend: You Code, We Cure
Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.
Vulnerability Remediation: A Practical Guide
Practical guide to vulnerability remediation for developers & security teams. Learn how to detect, prioritize, fix, & monitor vulnerabilities.
What is the NIST Supply Chain Risk Management Program?
Discover the NIST Supply Chain Risk Management Program.. Learn how to manage cybersecurity risks in digital supply chains effectively.
Why Vulnerability Management Must Go Beyond CVSS to Priority Scoring
Learn why vulnerability management must go beyond CVSS to priority scoring for better open source security and remediation prioritization.
AWS Targeted by a Package Backfill Attack
Discover how AWS was targeted by a malicious package backfill attack, the methods used by attackers, and how to protect against such attacks.
