AI Governance in AppSec: The More Things Change, The More They Stay the Same
Learn how AppSec teams can extend existing security and compliance practices seamlessly to AI.
Introducing Mend AI Premium
Robust AI governance and threat detection with Mend AI Premium.
The Top 11 Web Vulnerability Scanners
Discover the top 11 web vulnerability scanners and learn why they are essential for protecting your web applications from hackers.
Securing AI vs AI for security: What are we talking about?
This post breaks down the differences between securing AI, secure AI use, AI for security, and AI safety.
Fake VS Code Extension on npm Spreads Multi-Stage Malware
Learn about a fake VS-code extension on npm—truffelvscode—typosquatting the popular truffle for VS-code extension.
2025 OWASP Top 10 for LLM Applications: A Quick Guide
An overview of the top vulnerabilities affecting large language model (LLM) applications.
AI Powered Remediation: Mend SAST Performs +46% Better Than Competitors
See how Mend SAST's AI powered automated remediation eliminates vulnerabilities with speed & accuracy.
Mend.io and JetBrains Partner to Bring Enhanced Code Security to Developers
Announcing a partnership between Mend.io and JetBrains for IDE and Qodana.
Mend Renovate Enterprise Cloud: Dependency Updates at Scale
Announcing the launch of our cloud-based solution for automated dependency updates.
CVSS 3.1 vs CVSS 4.0: A Look at the Data
CVSS base scores are up in the latest version of the scoring system. What does that mean for AppSec practitioners?
CVE-2024-50379: A Critical Race Condition in Apache Tomcat
An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure.
Mend.io – Backstage Integration: Bringing Security Insights Where You Need Them
Backstage offers wide views and controls across the development process and with the Mend.io plugin, deep insights into application risks overall or by project.
The @Solana/web3.js Incident: Another Wake-Up Call for Supply Chain Security
This post covers the attack flow, how it happened, and the importance of supply chain security.
Benefits of VEX for SBOMs
SBOMs alone are overwhelming. Learn how VEX adds context, highlighting real threats for efficient risk management.
Mend.io is a Strong Performer in the Forrester Wave™ Software Composition Analysis, Q4 2024
See why Mend.io is recognized as a Strong Performer in The Forrester Wave™ Software Composition Analysis (SCA) Q4 2024 report.
Infrastructure as Code: How It Works & Top Tools in 2025
Learn about Infrastructure as Code (IaC) best practices, benefits, and tools.
Join our subscriber list to get the latest news and updates
Thanks for signing up!