Mend.io Resource Center

Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.

Choose Your Type

Choose Your Topic

Our Latest Content

Operationalizing DevSecOps

DevSecOps best practices are increasingly being adopted to better secure software supply chains. The challenge, though, is finding ways to operationalize these processes so they’re seamless and development and deployment don’t slow down. Join Shiri Arad Ivtsan, Senior Director of Product Management – Mend.io, in this editorial roundtable as these experts explore the challenges DevOps...

Securing the Software Supply Chain: Key Findings From the Mend Open Source Risk Report

Open source vulnerabilities are in permanent growth mode. A significant quarterly increase in the number of malicious packages published in registries such as npm and rubygems have shown the increasing need to protect against this trending attack. At the same time, companies struggle to close the remediation gap on known vulnerable open source code. It’s...

The Need for Speed: Accelerated AppSec Scanning in Azure DevOps Repos

Until recently, application security testing was cumbersome and time-consuming. Now, enterprises using Azure DevOps Repos can add automated application security testing directly to the repo. This DevSecOps approach combines convenience for developers along with features that security professionals want such as centralized deployment, management and policy enforcement. If your organization uses Azure DevOps, attend this...

In Modern AppSec, DevSecOps Demands Cultural Change

Building a modern application security program requires a robust DevSecOps environment built on collaboration. For many companies, that means shifting away from IT silos towards a shared-responsibility mindset regarding security across the organization.

DevSecOps Roundtable Discussion

Attacks on software supply chains have greatly accelerated the rate at which organizations are now embracing DevSecOps best practices to secure both legacy monolithic and emerging cloud-native applications. Adopting a DevSecOps approach can help maintain the speed of application development and deployment while ensuring the security and stability of applications. But the range of technologies...