Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Best Practices For Managing Ruby Supply Chain Security Risks
Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.
A Guide To Implementing Software Supply Chain Risk Management
Learn how to implement software supply chain risk management to safeguard your critical assets. Discover best practices, & more.
SAST vs. SCA: 7 Key Differences
Discover the 7 key differences between SAST and SCA tools in application security. Learn how they integrate into the SDLC process.
Mend SAST: The Next Generation of Application Security
Learn about our innovative approach to detecting and remediating custom code vulnerabilities for a more secure future.
Five Critically Important Facts About npm Package Security
Learn about the five critical facts about npm package security, including how attackers exploit trust, default behaviors, and dependency hell.
A Malicious Package Found Stealing AWS AIM data on npm has Similarities To Capital One Hack
Discover how a malicious package found stealing AWS AIM data on npm has similarities to the Capital One hack. Learn about the threat.
CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root
CVE-2021-44142 allows bad actors to execute arbitrary code as root on Samba. Learn about the vulnerability, exploit, and how to fix it.
CVE-2021-4034: A Walkthrough of Pwnkit — the Latest Linux Privileges Escalation Vulnerability
Dive into CVE-2021-4034 PwnKit vulnerability: learn how a simple out-of-bounds access in Linux's pkexec can lead to root system privileges.
Open Source Licenses Trends and Predictions
Open source licenses in 2022. Permissive licenses are on the rise, while copyleft licenses like GPL are decreasing in popularity.
DevSecOps in an Agile Environment
Discover how DevSecOps integrates with Agile to enhance security and speed in software development. Learn best practices & more.
Best Practices for Dealing With Log4j
Learn best practices for dealing with Log4j vulnerabilities, prevent future risks by sanitizing user input, and secure your App with our tips.
CVE-2021-44832: A New Medium Severity Vulnerability Was Found in Log4j
Learn about CVE-2021-44832 in Log4j and how to protect your applications. Stay informed about the latest cybersecurity vulnerabilities.
Fixing the Log4j Vulnerability with Mend
Learn how to fix the Log4j vulnerability with Mend Renovate and Remediate. Keep your applications secure with automated dependency management.
Log4Shell or LogThemAll: Log4Shell in Ruby Applications
Learn about the Log4Shell vulnerability in Ruby applications using Log4j jars in JRuby, exposing them to potential exploits.
Log4j Vulnerability CVE-2021-45105: What You Need to Know
Stay informed about the latest Log4j vulnerability CVE-2021-45105 & how to protect your applications. Learn how to fix & prevent exploitation
Log4j Vulnerability CVE-2021-45046 Now a Critical 9.0
What you need to know about Log4j Vulnerability CVE-2021-45046, and how to remediate it.
Join our subscriber list to get the latest news and updates
Thanks for signing up!