Mend.io Blog

Discover the SaaS loophole in GPL open source licenses and how it affects software distribution. Learn about the AGPL solution.

Learn all about open source attribution reports and how they help ensure compliance with open source licenses.

Get all your questions about the Eclipse Public License answered. Learn about its terms, compatibility, and differences with other licenses.

Master vulnerability remediation with our 3-step guide. Find out how to identify, prioritize, and fix vulnerabilities.

Learn all about Interactive Application Security Testing (IAST). Understand how IAST compares to SAST and DAST, its pros and cons.

Learn how to perform Yarn upgrades to the latest version, ensuring consistent and reliable JavaScript package installations.

Learn best practices for open source governance to manage risks, avoid vulnerabilities, and ensure compliance.

Learn about the importance of IoT application security and the risks associated with vulnerabilities.

Learn about the importance of open source audits to gain visibility, compliance, and security. Understand when and why you need an audit.

Learn about the 3 key considerations for DevOps automation. Understand the importance of automation tools in achieving agile goals.

Learn about different software development life cycle models like Waterfall, Agile, and Hybrid.

Learn about the importance of secure coding in software development. Discover practical tips and principles to ensure your code is secure.

Discover why it's essential to advance from open source code scanners to software composition analysis solutions. Learn about the pitfalls of outdated scanners and the benefits of modern tools.

Discover the $100 million court case for open source license compliance between CoKinetic Systems and Panasonic.

Discover Forrester’s key findings on application security in 2020. Learn why app vulnerabilities are a major threat and how to strengthen your security practices.

Learn about how GDPR impacts open source security expectations and the importance of using automated Software Composition Analysis tools to ensure compliance and protect user data.