Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
CVSS 4.0 — What’s New?
Learn about the new features and improvements in CVSS 4.0, the Common Vulnerability Scoring System. Understand how to use it.
How to Boost Confidence in Your Open Source Security with Mend Smart Merge Control
Learn how to boost confidence in your open source security. Automate updates and reduce risks with confidence scores for seamless integration.
Mend.io Launches AppSec Risk Assessment Program
Mend.io launches AppSec Risk Assessment Program to help organizations visualize and remediate application security risks.
Understanding the Anatomy of a Malicious Package Attack
Learn to protect your applications from malicious packages with our guide. Understand the anatomy of attacks and how to prevent them.
What’s Driving the Adoption of SBOMs? What’s Next for Them?
Discover what's driving the adoption of SBOMs and what's next for them in terms of malicious packages and supply chain security.
The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name
Mend.io research discovered a threat actor takeover of the name ‘gemnasium-gitlab-service', a retired Ruby gem with two million+ downloads.
Mend.io + Jira Security: Doing DevSecOps Better Together
Discover how Mend.io & Jira Security are revolutionizing DevSecOps, improving application security, & streamlining workflows for dev teams.
Magic Quadrant™ for Application Security Testing, 2023 Gartner® report
Mend.io is recognized as a Visionary in the 2023 Gartner Magic Quadrant for Application Security Testing. Learn about their approach.
What You Should Know About Open Source License Compliance
Learn about open source license compliance for M&A activity, the risks of copyleft licenses like GPL, and how to ensure compliance with SCA.
What are Malicious Packages? How Do They Work?
Learn about malicious packages and the growing threat they pose to software supply chains.
SBOM Standard Formats: Guide
Discover the importance of Software Bill of Materials (SBOM) and compare the three main formats - SPDX, CycloneDX, and SWID.
RSA Conference 2023: Key Takeaways From Our Five Favorite Sessions
RSA 2023 takeaways, including sessions on supply chain security, translating security for the board, & the psychology of DevSecOps.
Why is Cybersecurity Now a Global Governmental Concern?
What do Australia’s cybersecurity plans teach us all about the need for advanced application security?
Optimizing AppSec by Enhancing Integration with Jira
Enhance your AppSec by integrating with Jira. Learn how Mend's new Jira Security integration can streamline your security processes.
Mend.io Achieves AWS Security Competency Status
Mend.io achieves AWS Security Competency status, demonstrating expertise in cloud security. Trusted partner with specialized software for AWS
Deceptive ‘Vibranced’ npm Package Discovered Masquerading as Popular ‘Colors’ Package
Discover the threat of the 'Vibranced' npm package masquerading as 'Colors'. Learn about its stages of execution, obfuscation techniques.
Never miss a post. Opt-out at any time.
You’re all set to receive our latest posts.
Map your maturity against the global standards. Receive a personalized readiness report in under 5 minutes.
