Introducing the Mend Open Source Risk Report
Discover the latest insights on open source risk management in the Mend Open Source Risk Report.
DevSecOps: A Comprehensive Guide to Securely Managing Your DevOps Workflow
Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.
Top Three User Priorities for Software Composition Analysis
Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.
Advisory: New OpenSSL Critical Security Vulnerability
Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.
Six Golden Rules for Software and Application Security
Learn the six golden rules for software and application security. Stay safe during Cybersecurity Awareness Month 2022!
Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm
Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.
Popular Cryptocurrency Exchange dYdX Has Had Its NPM Account Hacked
dYdX, a popular cryptocurrency exchange, had its NPM account hacked in a supply chain attack. Learn how to protect against similar attacks.
Mend API Helps Make SBOMs Simple
Learn how Mend API simplifies the creation of SBOMs for better supply chain security. Stay ahead in DevSecOps with our automated tool.
Today’s Security Tidbit: An Encrypted JSON File Containing Malicious Code
Discover how encrypted JSON files are being used to hide malicious code. Learn about the latest security findings and how to protect your apps.
3 Critical Best Practices of Software Supply Chain Security
Learn about the 3 critical best practices of software supply chain security to protect your organization from malicious packages.
Introducing Mend Supply Chain Defender Integration with JFrog Artifactory
Discover how Mend Supply Chain Defender integrates with JFrog Artifactory to block malicious software threats in your code base.
WhiteSource is Now Mend: You Code, We Cure
Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.
What is the NIST Supply Chain Risk Management Program?
Discover the NIST Supply Chain Risk Management Program. Learn how to manage cybersecurity risks in digital supply chains effectively.
Automated Software Supply Chain Attacks: Should You be Worried?
Learn why automated software supply chain attacks are a growing threat. Discover how to protect your org from malicious NPM packages.
Best Practices For Managing Ruby Supply Chain Security Risks
Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.
A Guide To Implementing Software Supply Chain Risk Management
Learn how to implement software supply chain risk management to safeguard your critical assets. Discover best practices and more.