Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Modern AppSec Programs Run on Automation
Learn how modern Application Security Programs leverage automation to combat cyber threats, improve efficiency, and reduce costs.
Top Three User Priorities for Software Composition Analysis
Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.
Advisory: New OpenSSL Critical Security Vulnerability
Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.
A Rash of Recent CVEs in Go
Discover the recent CVEs affecting Go programming language and their impact on popular applications like Docker and Kubernetes.
Modern AppSec Moves Beyond Shift Left to Shift Smart
Discover how modern AppSec is moving beyond just shifting left to shifting smart. Learn key principles for securing applications.
To use rest_client, or to use rest-client, that is the question
Discover the risks of using rest_client versus rest-client in RubyGems. Learn how a recent attack was thwarted.
Vulnerability Research: Here’s How it Works at Mend.io
Discover how vulnerability research works at Mend, a focus on open source vulnerabilities and different methods to protect against threats.
Six Golden Rules for Software and Application Security
Learn the six golden rules for software and application security.. Stay safe during Cybersecurity Awareness Month 2022!
Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm
Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.
Popular Cryptocurrency Exchange dYdX Has Had Its NPM Account Hacked
dYdX, a popular cryptocurrency exchange, had its NPM account hacked in a supply chain attack. Learn how to protect against similar attacks.
Typosquatting Malware Found in Composer Repository
Protect your PHP applications from typosquatting malware found in Composer Repository. Learn how attackers exploit vulnerabilities.
Mend API Helps Make SBOMs Simple
Learn how Mend API simplifies the creation of SBOMs for better supply chain security. Stay ahead in DevSecOps with our automated tool.
Cloud-Native Applications and Managing Their Dependencies
Learn how to manage dependencies in cloud-native applications efficiently. Explore best practices & tools to ensure & up-to-date software
Today’s Security Tidbit: An Encrypted JSON File Containing Malicious Code
Discover how encrypted JSON files are being used to hide malicious code. Learn about the latest security findings and how to protect your apps.
How to Conquer Remote Code Execution (RCE) in npm
Learn how to conquer Remote Code Execution (RCE) attacks in npm. Find out why npm is susceptible, the threats of RCE, and more.
How to Easily Update Node.js to the Latest Version
Learn how to easily update Node.js to the latest version on macOS, Linux, & Windows.
Join our subscriber list to get the latest news and updates
Thanks for signing up!
