The Mend.io AppSec Blog

Integrating Dependency Management Into Cloud Services: The Mend-AWS Partnership

Adam Murray Nov 22, 2022

Dependency Updates

Discover how Mend partners with AWS to integrate dependency management into cloud services, reducing vulnerabilities.

Integrating dependency management into cloud services: the mend-aws partnership - large blog 1 1

Announcing Mend SCA for Bitbucket Cloud Integration

Jeanette Sherman Nov 21, 2022

DevSecOps

Discover Mend SCA's new integration with Bitbucket Cloud for seamless open source risk detection and remediation. Learn more now!

Integrating dependency management into cloud services: the mend-aws partnership - java script

Improving Your Zero-Day Readiness in JavaScript

Guy Bar-Gil Nov 15, 2022

Developer

Learn how to improve your zero-day readiness in JavaScript to protect against data breaches and cyber attacks.

Integrating dependency management into cloud services: the mend-aws partnership - devops blog post

Why Your DevOps Platform Needs a Security Partner to Safeguard Your Software

Adam Murray Nov 7, 2022

DevSecOps

Learn why your DevOps platform needs a security partner to safeguard your software. Mend.io provides application security and DevSecOps.

Integrating dependency management into cloud services: the mend-aws partnership - devsecops a comprehensive guide to securely managing your devops workflow

DevSecOps: A Comprehensive Guide to Securely Managing Your DevOps Workflow

Adam Murray Nov 4, 2022

DevSecOps

Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.

Modern AppSec Programs Run on Automation

Carol Hildebrand Nov 3, 2022

Application Security

Learn how modern Application Security Programs leverage automation to combat cyber threats, improve efficiency, and reduce costs.

Integrating dependency management into cloud services: the mend-aws partnership - big blog post

Top Three User Priorities for Software Composition Analysis

Adam Murray Nov 2, 2022

Open Source Security

Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.

Integrating dependency management into cloud services: the mend-aws partnership - openssl alert

Advisory: New OpenSSL Critical Security Vulnerability

Carol Hildebrand Oct 31, 2022

Open Source Security

Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.

Integrating dependency management into cloud services: the mend-aws partnership - blog post

A Rash of Recent CVEs in Go

Adam Murray Oct 27, 2022

Open Source Security

Discover the recent CVEs affecting Go programming language and their impact on popular applications like Docker and Kubernetes.

Modern AppSec Moves Beyond Shift Left to Shift Smart

Carol Hildebrand Oct 27, 2022

DevSecOps

Discover how modern AppSec is moving beyond just shifting left to shifting smart. Learn key principles for securing applications.

Integrating dependency management into cloud services: the mend-aws partnership - blog rubygems vulnerabilities

To use rest_client, or to use rest-client, that is the question

Maria Korlotian Oct 18, 2022

Malicious Packages

Discover the risks of using rest_client versus rest-client in RubyGems. Learn how a recent attack was thwarted.

Integrating dependency management into cloud services: the mend-aws partnership - 1000x650 blog image

Vulnerability Research: Here’s How it Works at Mend.io

Adam Murray Oct 18, 2022

Open Source Security

Discover how vulnerability research works at Mend, a focus on open source vulnerabilities and different methods to protect against threats.

Integrating dependency management into cloud services: the mend-aws partnership - the six golden rules for you to follow to improve your software and application security 2

Six Golden Rules for Software and Application Security

Adam Murray Oct 4, 2022

Application Security

Learn the six golden rules for software and application security.. Stay safe during Cybersecurity Awareness Month 2022!

Integrating dependency management into cloud services: the mend-aws partnership - npm massive dependency confusion attack

Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

Maciej Mensfeld Oct 2, 2022

Malicious Packages

Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.

Popular Cryptocurrency Exchange dYdX Has Had Its NPM Account Hacked

Maciej Mensfeld Sep 23, 2022

Malicious Packages

dYdX, a popular cryptocurrency exchange, had its NPM account hacked in a supply chain attack. Learn how to protect against similar attacks.

Integrating dependency management into cloud services: the mend-aws partnership - php 1

Typosquatting Malware Found in Composer Repository

Guy Bar-Gil Aug 22, 2022

Developer

Protect your PHP applications from typosquatting malware found in Composer Repository. Learn how attackers exploit vulnerabilities.

Mend.io Blog

Mend Leadership Update: Building on Our Momentum for the Next Phase of Growth

Filter & Search

Subscribe to our Newsletter

Products

Solutions

Resources

Company

Connect

Developer Tools