• Platform
    Mend-io-logo-mark
    AI Native AppSec Platform Take a tour
    Spies among us: insider threats in open source environments - ai
    Mend AI Secure AI powered applications
    Mend sast icon
    Mend SAST Secure proprietary code 10x faster
    Mend container small icon
    Mend Container Container security done right
    Spies among us: insider threats in open source environments - sca
    Mend SCA Decrease open source risk
    Spies among us: insider threats in open source environments - renovate
    Mend Renovate Automate dependency updates
    Expand AppSec coverage
    Spies among us: insider threats in open source environments - dast icon 1 DAST Spies among us: insider threats in open source environments - apis icon 1 API security Spies among us: insider threats in open source environments - eol icon EOL support
    Platform Benefits
    Spies among us: insider threats in open source environments - repoi icon Repo integration Scalability-icon Scalability Spies among us: insider threats in open source environments - reachability icon Reachability
  • Solutions
    Ai models risk - nav bar icon
    AI app security Manage risks in AI models and agents
    Ai-red-teaming-icon-
    AI red teaming Test and secure conversational AI
    Spies among us: insider threats in open source environments - ai gen code security nav bar icon 36x36 1
    AI gen code security Real-time AI code security
    Sbom - nav bar icon
    SBOM Move from static to effective SBOMs
    Runtime-security-nav-bar-icon
    Dynamic testing Test for risks in running applications
    Code scanning - nav bar icon
    Code scanning Find and fix known vulnerabilities
    Open source license nav bar icon
    Open source security Prevent. Prioritize. Automate.
    Open source license - nav bar icon
    Open source compliance Risk management for OSS licenses
    Dependency updates - nav bar icon
    Dependency updates Reduced risk, better code
    Container security container security
    Container security Container security, simplified
  • Company
    About us - nav bar icon
    About us Who we are
    Careers nav bar icon
    Careers Join our team
    Partners - nav bar icon
    Partners Meet our partners
    Events - nav bar icon
    Events Upcoming events
    Newsroom - nav bar icon
    Newsroom The latest Mend.io news
    Contact-us nav bar icon
    Contact us Connect with us
  • Resources
    Resource center - nav bar icon
    Resource center View our latest resources
    Blog - nav bar icon
    Blog The latest AppSec news and insights
    Podcast-icon
    Podcast Insights from leading experts
    Customers - nav bar icon
    Customers View our customer case studies
    Integrations - nav bar icon
    Integrations Find your integration
    Langugages nav bar icon
    Languages Find your language
    Vulnerability database - nav bar icon
    Vulnerability database Mend.io's OSS vulnerability database
    Documentation - nav bar icon
    Documentation Product and feature documentation
    Featured
    Spies among us: insider threats in open source environments - featured image
    A CISO’s Guide to Securing AI from the Start
    Spies among us: insider threats in open source environments - practical guide to sast white paper image
    A Practical Guide to Making the Most of your SAST Investment
Schedule a Demo

Spies Among Us: Insider Threats in Open Source Environments

If you have not yet heard about a critical vulnerability found in XZ Utils, you aren’t paying attention to critical security news. After all, the discovery of a backdoor in a widely used Linux tool was serious enough to provoke comparisons to the infamous SolarWinds hack.

Read more at Dark Reading.

Spies Among Us: Insider Threats in Open Source Environments - Dark Reading logo

About Mend.io

Mend.io offers the first AI native application security platform, empowering organizations to build and run a proactive AppSec program tuned for AI powered development. The unified platform secures AI generated code and embedded AI components, drives risk reduction through AI powered remediation, automates compliance, and provides a holistic enterprise scale view of risks and clear actions for developers across your entire codebase.

© 2025 Mend.io (White Source Ltd.) All rights reserved.