Mend API Helps Make SBOMs Simple
Discover how Mend has accelerated and automated the production of SBOMs with an API
Choose Your Type
Choose Your Topic
Our Latest Content
Today’s Security Tidbit: An Encrypted JSON File Containing Malicious Code
The Mend research team analyzes a malicious package in which the harmful code is not only in a JSON file, but is also fully encrypted.
How attackers leverage example apps/reproduction scripts to attack OSS maintainers
Discover how attackers can leverage example apps/reproduction scripts to attack OSS maintainers, why this is such a serious threat, and how to stop them
How to Conquer Remote Code Execution (RCE) in npm
Discover why npm is susceptible to RCE, why it’s such a serious threat, the characteristics of RCE in npm, what should be done to stop it, and how Mend Supply Chain Defender achieves this.
Three Big Myths About Application Testing With SAST Tools
Learn to differentiate between myths and facts in application testing with SAST security tools. Know how to adopt a successful SAST strategy.
Closing the Gap: Reducing Enterprise AppSec Risks Without Disrupting Deadlines
Join our webinar to discover how you can use just one interface to find and fix open source and proprietary code security issues, and how to reduce the time it takes to fix issues, so no time is wasted researching.
A Brief Guide to Cloud-Native Applications, Technology, and Security
Understand cloud native applications, the technology behind them, and their and security - why it’s important and how it relates to safeguarding cloud native applications
Forrester: The State Of Application Security, 2022
Application security teams face myriad challenges in 2022. Applications are once again the number one way in for malicious actors, and software supply chain vulnerabilities continue to climb. To move forward effectively, security professionals need to find a way to move beyond a tactical and reactive mindset to rebuild an application security that integrates tightly...
Six Steps to Achieve Zero Trust in Application Security
Discover the six steps to achieve zero trust in your application security and ensure that you can secure your application development quickly, early, and easily.
Single Author Uploaded 168 Packages to npm as Part of a Massive Dependency Confusion Attack
Mend Supply Chain Defender reported and blocked a massive dependency confusion attack involving a single author uploading 168 packages to npm.
3 New GitHub Features to Reinforce Your Code, Repo, and Dependency Security
Discover three great new GitHub features to strengthen your security and learn why dependency security is vital to safeguarding your code and data.
Mend Epitomizes RSA 2022 Theme, “Transform”
Learn how Mend is bringing RSA 2022’s “transform” theme to life with its own transformation, what that means for customers, and what we’re anticipating from the conference.