Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Log4j Vulnerability CVE-2021-45105: What You Need to Know
Stay informed about the latest Log4j vulnerability CVE-2021-45105 & how to protect your applications. Learn how to fix & prevent exploitation
Log4j Vulnerability CVE-2021-45046 Now a Critical 9.0
What you need to know about Log4j Vulnerability CVE-2021-45046, and how to remediate it.
New Log4j Vulnerability CVE-2021-44228: Info and Remediation
How to remediate the newly published critical vulnerability in Apache’s widely popular Log4j Java library, CVE-2021-44228.
How to Make Your Vulnerability Management Metrics Count
Learn how to make your vulnerability management metrics count. Discover key metrics to track and prioritize vulnerabilities effectively.
Vulnerability Management — What You Need To Know
Understand the four stages, metrics, policy setup, and prioritization for effective security through Vulnerability Management.
Mend Research: Fixing Vulnerable npm Packages Quickly and Painlessly
Learn how Mend Research is helping developers fix vulnerable npm packages quickly and painlessly.
The Future of Vulnerability Management Programs
Discover the future of vulnerability management programs in the ever-changing digital world. Learn about detection, prioritization, & more.
What You Need to Know About Code Risk Management
Learn about code risk management and how it can help minimize technical debt and prevent errors in your development process.
Popular JavaScript Library ua-parser-js Compromised via Account Takeover
Popular JavaScript library ua-parser-js was compromised via account takeover, releasing malicious versions.
Why Adopting Zero Trust Security Is Necessary For DevSecOps
Discover why adopting Zero Trust security is essential for DevSecOps in the ever-evolving world of digital assets.
How To Transition Your Team From DevOps To DevSecOps
Learn how to transition from DevOps to DevSecOps with our step-by-step guide. Discover the benefits, challenges, and best practices.
Mend Cure: Automated Remediation for Developers
Mend Cure provides automated remediation for developers to address AppSec risks, saving time and promoting secure coding.
Using Zero Trust to Mitigate Supply Chain Risks
Discover how Zero Trust can help mitigate supply chain risks and enhance your software security.
Supply Chain Security Update: How Secure is Composer?
Stay updated on supply chain security with our blog post on the vulnerability in Composer. Learn how the issue was detected and fixed.
Open Source Risk Management in the Financial Sector
Explore how financial institutions manage open source risks to innovate securely, including adopting Software Composition Analysis (SCA).
Securing Your Package Manager’s Lockfiles
Learn how to secure your package manager's lockfiles to protect your application from supply chain risks and ensure version consistency.
Never miss a post. Opt-out at any time.
You’re all set to receive our latest posts.
Map your maturity against the global standards. Receive a personalized readiness report in under 5 minutes.
