Mend.io Blog

Learn how AppSec teams can extend existing security and compliance practices seamlessly to AI.

Robust AI governance and threat detection with Mend AI Premium.

Discover the top 11 web vulnerability scanners and learn why they are essential for protecting your web applications from hackers.

This post breaks down the differences between securing AI, secure AI use, AI for security, and AI safety.

Learn about a fake VS-code extension on npm—truffelvscode—typosquatting the popular truffle for VS-code extension.

An overview of the top vulnerabilities affecting large language model (LLM) applications.

See how Mend SAST's AI powered automated remediation eliminates vulnerabilities with speed & accuracy.

Announcing a partnership between Mend.io and JetBrains for IDE and Qodana.

Announcing the launch of our cloud-based solution for automated dependency updates.

CVSS base scores are up in the latest version of the scoring system. What does that mean for AppSec practitioners?

An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure.

Backstage offers wide views and controls across the development process and with the Mend.io plugin, deep insights into application risks overall or by project.

This post covers the attack flow, how it happened, and the importance of supply chain security.

SBOMs alone are overwhelming. Learn how VEX adds context, highlighting real threats for efficient risk management.

See why Mend.io is recognized as a Strong Performer in The Forrester Wave™ Software Composition Analysis (SCA) Q4 2024 report.

Learn about Infrastructure as Code (IaC) best practices, benefits, and tools.