Mend.io Resource Center

Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.

Choose Your Type

Choose Your Topic

Our Latest Content

A New Version of Mend for Containers is Here

Mend for Containers allows you to scan container images and registries at scale, provides runtime vulnerability prioritization for Kubernetes clusters, and protects cloud-native applications from vulnerabilities and license risks throughout the SDLC.

SBOMs: A Roadmap for a Secure Software Journey

Software supply chain threats and increasing regulatory pressures make supply chain security a top priority for software organizations. Software bills of materials (SBOMs) have emerged as an essential tool and a roadmap for organizations on their secure software journey. Join Jeff Martin, Vice President of Product Management – Mend.io in this panel of software security...

Two Birds, One Stone: Shrinking Security Debt and Attack Surfaces

Cybersecurity teams and developers continually struggle to reconcile what can seem like two competing priorities: Delivering new capabilities and addressing existing security technical debt. Forward-leaning AppSec programs are finding smart ways to reduce security debt by instituting a strategic approach to managing security vulnerabilities. This approach starts by reducing the attack surface early on and...

Malicious Packages Special Report – Attacks Move Beyond Vulnerabilities

Threat actors are after our sensitive data. In 2023, the number of malicious packages published to Node Package Manager (npm) and RubyGems ballooned 315% compared to 2021, and 85% of malicious packages discovered in existing applications were capable of exfiltration – meaning they could cause an unauthorized transmission of information. Software packages containing malicious code...

The Importance of Adopting Modern AppSec Practices

Security is an increasingly critical aspect of application development. As the volume of applications rapidly expands, so does the volume of source code, components, and dependencies used to create them. With them comes a growth in the potential attack surface and an escalation in the variety of threats to your application security. Mend.io CEO Rami...