• Platform
    How to set a benchmark of false positives with sast tools - icon mend ai native appsec platform
    Mend AppSec Take a tour of the platform
    How to set a benchmark of false positives with sast tools - sca
    Mend SCA Decrease open source risk
    Mend sast icon
    Mend SAST Secure proprietary code 10x faster
    How to set a benchmark of false positives with sast tools - ai
    Mend AI Secure AI powered applications
    How to set a benchmark of false positives with sast tools - renovate
    Mend Renovate Automate dependency updates
    Expand AppSec coverage
    How to set a benchmark of false positives with sast tools - dast icon 1 DAST How to set a benchmark of false positives with sast tools - apis icon 1 API security How to set a benchmark of false positives with sast tools - eol icon EOL support
    Platform Benefits
    How to set a benchmark of false positives with sast tools - repoi icon Repo integration Scalability-icon Scalability How to set a benchmark of false positives with sast tools - reachability icon Reachability
  • Solutions
    Ai models risk - nav bar icon
    AI app security Manage risks in AI models and agents
    Ai-red-teaming-icon-
    AI red teaming Test and secure conversational AI
    How to set a benchmark of false positives with sast tools - ai gen code security nav bar icon 36x36 1
    AI gen code security Real-time AI code security
    How to set a benchmark of false positives with sast tools - ai based remediation icon
    AI based remediation workflows Automate remediation with AI
    Sbom - nav bar icon
    SBOM Move from static to effective SBOMs
    Runtime-security-nav-bar-icon
    Dynamic testing Test for risks in running applications
    Code scanning - nav bar icon
    Code scanning Find and fix known vulnerabilities
    Open source license nav bar icon
    Open source security Prevent. Prioritize. Automate.
    Open source license - nav bar icon
    Open source compliance Risk management for OSS licenses
    Dependency updates - nav bar icon
    Dependency updates Reduced risk, better code
    Software supply chain - nav bar icon
    Software supply chain security Ensure build integrity
    Container security container security
    Container security Container security, simplified
  • Company
    About us - nav bar icon
    About us Who we are
    Careers nav bar icon
    Careers Join our team
    Partners - nav bar icon
    Partners Meet our partners
    Events - nav bar icon
    Events Upcoming events
    Newsroom - nav bar icon
    Newsroom The latest Mend.io news
    Contact-us nav bar icon
    Contact us Connect with us
  • Resources
    Resource center - nav bar icon
    Resource center View our latest resources
    Blog - nav bar icon
    Blog The latest AppSec news and insights
    Podcast-icon
    Podcast Insights from leading experts
    Customers - nav bar icon
    Customers View our customer case studies
    Integrations - nav bar icon
    Integrations Find your integration
    Langugages nav bar icon
    Languages Find your language
    Vulnerability database - nav bar icon
    Vulnerability database Mend.io's OSS vulnerability database
    Documentation - nav bar icon
    Documentation Product and feature documentation
    FEATURED
    How to set a benchmark of false positives with sast tools - roi whitepaper featured image
    ROI of Automated Dependency Management with Mend Renovate Enterprise
    How to set a benchmark of false positives with sast tools - red teaming guide featured image
    AI Red Teaming Practical Guide
    How to set a benchmark of false positives with sast tools - featured image
    A CISO’s Guide to Securing AI from the Start
    How to set a benchmark of false positives with sast tools - practical guide to sast white paper image
    A Practical Guide to Making the Most of your SAST Investment
    How to set a benchmark of false positives with sast tools - icon guides

    Guides

    AI security

    Protect AI models, data, and systems

     AI red teaming

    Test for behavioral risks in conversational AI

     LLM security

    Mitigating risks and future trends

     Application security

    AppSec types, tools, and best practices

     Dependency management

    Automating dependency updates

     SCA

    Manage open source code

     SAST

    Keep source code safe

     Software bill of materials

    Improve transparency, security, and compliance

     Application security testing

    Pre-production scanning and runtime protection

     Container security

    Secure containerized applications
    See all guides
Schedule a Demo

Mend.io Blog

You can’t rely on open source for security — not even when ai is involved
Jeff Martin Feb 6, 2026

You can’t rely on open source for security — not even when AI is involved

LATEST
Learn more

Filter & Search

How to set a benchmark of false positives with sast tools - set a benchmark of false positives with sast tools

How To Set A Benchmark Of False Positives With SAST Tools

Tiffany Jennings Mar 24, 2022
SAST

Learn how to set benchmarks for false positives in SAST tools to enhance application security and improve developer efficiency.

Read More Read More
How to set a benchmark of false positives with sast tools - blog how to address sast false positives in application security testing

How To Address SAST False Positives In Application Security Testing

Alfrick Opidi Mar 10, 2022
SAST

Address SAST false positives in your application security testing. Explore causes, preventive measures, and the benefits of using Mend SAST.

Read More Read More
How to set a benchmark of false positives with sast tools - how to mitigate ruby supply chain security risks

Best Practices For Managing Ruby Supply Chain Security Risks

Alfrick Opidi Mar 3, 2022
Software Supply Chain

Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.

Read More Read More
How to set a benchmark of false positives with sast tools - supply chain risk managment guide

A Guide To Implementing Software Supply Chain Risk Management

Alfrick Opidi Feb 24, 2022
Software Supply Chain

Learn how to implement software supply chain risk management to safeguard your critical assets. Discover best practices, & more.

Read More Read More
How to set a benchmark of false positives with sast tools - sast blogs banners blog image

SAST vs. SCA: 7 Key Differences

Tiffany Jennings Feb 16, 2022
Open Source Security

Discover the 7 key differences between SAST and SCA tools in application security. Learn how they integrate into the SDLC process.

Read More Read More
How to set a benchmark of false positives with sast tools - sast blog hero

Mend SAST: The Next Generation of Application Security

Rami Sass Feb 15, 2022
SAST

Learn about our innovative approach to detecting and remediating custom code vulnerabilities for a more secure future.

Read More Read More
How to set a benchmark of false positives with sast tools - five critically important facts about npm package security

Five Critically Important Facts About npm Package Security

Maciej Mensfeld Feb 8, 2022
Open Source Security

Learn about the five critical facts about npm package security, including how attackers exploit trust, default behaviors, and dependency hell.

Read More Read More
How to set a benchmark of false positives with sast tools - malicious package npm

A Malicious Package Found Stealing AWS AIM data on npm has Similarities To Capital One Hack

Maciej Mensfeld Feb 2, 2022
Malicious Packages

Discover how a malicious package found stealing AWS AIM data on npm has similarities to the Capital One hack. Learn about the threat.

Read More Read More
How to set a benchmark of false positives with sast tools - cve 2021 44142 vulnerability 2

CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root

Tiffany Jennings Feb 1, 2022
Open Source Security

CVE-2021-44142 allows bad actors to execute arbitrary code as root on Samba. Learn about the vulnerability, exploit, and how to fix it.

Read More Read More
How to set a benchmark of false positives with sast tools - cve 2021 4034 pwnkit

CVE-2021-4034: A Walkthrough of Pwnkit — the Latest Linux Privileges Escalation Vulnerability

Tiffany Jennings Jan 27, 2022
Open Source Security

Dive into CVE-2021-4034 PwnKit vulnerability: learn how a simple out-of-bounds access in Linux's pkexec can lead to root system privileges.

Read More Read More
How to set a benchmark of false positives with sast tools - top open source licenses explained post

Open Source Licenses Trends and Predictions

Tiffany Jennings Jan 27, 2022
Open Source Licenses

Open source licenses in 2022. Permissive licenses are on the rise, while copyleft licenses like GPL are decreasing in popularity.

Read More Read More
How to set a benchmark of false positives with sast tools - devsecops in an agile environment

DevSecOps in an Agile Environment

Alfrick Opidi Jan 20, 2022
DevSecOps

Discover how DevSecOps integrates with Agile to enhance security and speed in software development. Learn best practices & more.

Read More Read More
How to set a benchmark of false positives with sast tools - chief scientists series featured

Best Practices for Dealing With Log4j

Tiffany Jennings Jan 4, 2022
Open Source Security

Learn best practices for dealing with Log4j vulnerabilities, prevent future risks by sanitizing user input, and secure your App with our tips.

Read More Read More
How to set a benchmark of false positives with sast tools - log4j cves images 44832

CVE-2021-44832: A New Medium Severity Vulnerability Was Found in Log4j

Tiffany Jennings Dec 29, 2021
Open Source Security

Learn about CVE-2021-44832 in Log4j and how to protect your applications. Stay informed about the latest cybersecurity vulnerabilities.

Read More Read More
How to set a benchmark of false positives with sast tools - log4j cves images renovate

Fixing the Log4j Vulnerability with Mend

Rhys Arkins Dec 27, 2021
Open Source Security

Learn how to fix the Log4j vulnerability with Mend Renovate and Remediate. Keep your applications secure with automated dependency management.

Read More Read More
How to set a benchmark of false positives with sast tools - log4j and ruby

Log4Shell or LogThemAll: Log4Shell in Ruby Applications

Tiffany Jennings Dec 23, 2021
Open Source Security

Learn about the Log4Shell vulnerability in Ruby applications using Log4j jars in JRuby, exposing them to potential exploits.

Read More Read More
Previous
1 ... 16 17 18 19 20 21 22 ... 35
Next

Subscribe to our Blog

Never miss a post. Opt-out at any time.

Thank you

You’re all set to receive our latest posts.

© 2026 Mend.io (White Source Ltd.) All rights reserved.

AI Security & Compliance Assessment

Map your maturity against the global standards. Receive a personalized readiness report in under 5 minutes.

Get your report