Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Understanding the Anatomy of a Malicious Package Attack
Learn to protect your applications from malicious packages with our guide. Understand the anatomy of attacks and how to prevent them.
What’s Driving the Adoption of SBOMs? What’s Next for Them?
Discover what's driving the adoption of SBOMs and what's next for them in terms of malicious packages and supply chain security.
The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name
Mend.io research discovered a threat actor takeover of the name ‘gemnasium-gitlab-service', a retired Ruby gem with two million+ downloads.
Mend.io + Jira Security: Doing DevSecOps Better Together
Discover how Mend.io & Jira Security are revolutionizing DevSecOps, improving application security, & streamlining workflows for dev teams.
What are Malicious Packages? How Do They Work?
Learn about malicious packages and the growing threat they pose to software supply chains.
RSA Conference 2023: Key Takeaways From Our Five Favorite Sessions
RSA 2023 takeaways, including sessions on supply chain security, translating security for the board, & the psychology of DevSecOps.
The Five Key Principles of Modern Application Security
Discover the key principles of modern application security. Learn how to secure your software and protect against evolving threats.
Just Who Exactly Should Take Responsibility for Application Security?
Explore the complexities of application security responsibility in the age of DevSecOps and supply chain breaches. Who should take the lead?
Securing the Software Supply Chain: Key Findings from the Mend Open Source Risk Report
Discover key findings from the Mend Open Source Risk Report on securing the software supply chain. Watch the webinar for more insights.
Yandex Data Leak Triggers Malicious Package Publication
Discover how the Yandex data leak triggered malicious package publication, leading to supply chain security risks.
Malicious Code Deletes Directories If You Do Not Have a License
Discover how malicious code can delete directories if you don't have a license. Learn about supply chain security and license compliance.
Mend’s Trends for 2023
Stay ahead of cyber threats with Mend's Trends for 2023. Experts predict a rise in AI-driven cybercrime and open source vulnerabilities.
Introducing the Mend Open Source Risk Report
Discover the latest insights on open source risk management in the Mend Open Source Risk Report.
DevSecOps: A Comprehensive Guide to Securely Managing Your DevOps Workflow
Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.
Top Three User Priorities for Software Composition Analysis
Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.
Advisory: New OpenSSL Critical Security Vulnerability
Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.
Map your maturity against the global standards. Receive a personalized readiness report in under 5 minutes.
