Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
TeamPCP Supply Chain Attack Part 2: LiteLLM PyPI Credential Stealer
Check and fix your install for the new LiteLLM PyPI compromise.
CanisterWorm: The Self-Spreading npm Attack That Uses a Decentralized Server to Stay Alive
Deep dive into the self-spreading CanisterWorm.
Mend.io Expands Its Global Infrastructure with a Dedicated Cloud Region in India
Local cloud infrastructure in India for data residency requirements.
7 Questions for Evaluating SCA Solutions
7 key questions to find the right SCA solution for your organization.
Best Application Security Testing Solutions: Top 12 in 2026
Compare SAST, DAST, IAST, and SCA solutions.
Why Claude Code Security Is a Big Moment for Application Security
Discover why enterprise scale requires more than just AI code review - it requires governance.
Top 7 Veracode Competitors in 2026
Explore the top Veracode competitors in 2026.
You canβt rely on open source for security β not even when AI is involved
Learn how to manage OSS risk and build remediation that actually lands.
Top Black Duck Alternatives in 2026
Exploring the top Black Duck alternatives.
Black Duck SAST Review: Pros, Cons and Technical Architecture
A detailed review of Black Duck SAST plus a Mend SAST alternative.
Black Duck SCA: Pros/Cons, Architecture, and Quick Tutorial
A detailed review of Black Duck SCA plus a Mend SCA alternative.
Understanding Veracode SAST: Pros/Cons, Architecture, and Pricing
A detailed review of Veracode SAST plus a Mend SAST alternative.
Veracode SCA Solution Overview: Features, Limitations, and Tutorial
A detailed review of Veracode SCA plus a Mend SCA alternative.
Mend Leadership Update: Building on Our Momentum for the Next Phase of Growth
An update on Mend.io's leadership as we enter the next phase of growth.
Why AppSec and Network Risk Management Must Be Unified in the Modern Enterprise
See how Mend.ioβs ServiceNow integration unifies application, network, and operational risk.
NPM User Flooding Registry with Fake Font Packages
Analysis of an npm account flooding the registry with malformed font packages.