What You Should Know About Open Source License Compliance for M&A Activity
Learn why open source license compliance is essential and what you can do to ensure compliance in readiness for M&A activity.
Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.
Find out what a Software Composition Analysis tool is and why it should be part of your application security portfolio.
Key takeaways from five of the more noteworthy sessions we attended at RSA 2023.
Read on to hear our predictions on the hot topics at RSA this year, and what Mend.io will be up to at the show.
Research from Mend.io’s new Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities illustrates the growing threat of malicious packages, including a 315 percent increase in attacks from 2021 to 2022.
Discover the essential features and best practices you should have in your license management tool.
What should you look for in a modern open source license management tool, why and how to do so, the challenges and the future of open source license management.
Increase your knowledge of open source licenses by learning what the main types are, how they work, and how they differ.
Mend’s new Open Source Risk Report delves into the significant risk posed by the ongoing rise in open source vulnerabilities and software supply chain attacks.
Mend researchers identify a new type of malicious code that deletes directories.
Open source license management has become so important that governments are seeking to mandate it.
Learn why teams that pay attention to governance by using a CSIRP are more successful at combating the continued growth of cyberattacks.
Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.
On the PeerSpot technology review site, reviews from Mend SCA users highlighted the three top priorities that SCA users generally want: ease of use, risk mitigation, and a strong feature set and integration capabilities.
What we know about the new OpenSSL critical security vulnerability.
To mark Cybersecurity Awareness Month, this primer helps simplify the complex subject of application security.
We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s...
Rami Sass, CEO of Mend, sets out his vision in Forbes, on what enterprises should do to safeguard themselves against cybercriminals and cyberattacks.
By comparing current malicious package trends with malware’s evolution over the past 20 years, we can predict a likely future direction for malicious packages.
When it comes to rebranding, it’s not about the destination, it’s about the journey. How important is a company name, really? Turns out that it is pretty important, especially if the name you currently have does not represent what the company has become, or where it is going. Our name is what defines the vision,...
Volunteer delegation and charitable donations made to assist and aid those fleeing the crisis in the Ukraine
An overview of open source licensing trends in 2021 and predictions for what we can expect in open source in 2022
The Complete Guide for Open Source Licenses 2022
To celebrate Pride month, Mend is highlighting a few of our favorite open source projects and programs that support LGBTQ+ communities.
10 questions & answers about GPL - GNU’s General Public License, and one of the most popular open source licenses.
What is technical due diligence, why it is important for M&As, and which items you need to cover in your technical due diligence checklist.
In the hopes of clearing up some of the confusion, we’ve mapped out some of the elements that can help us conduct an actionable open source license comparison.
We’ve compiled a list of the top 10 questions and answers about the Apache open source software license.
We here at Mend often get asked if we use our own software when we’re developing our product. It’s a fair question. Like most of our customers, we write a lot of code. A lot of code. And we want it to be secure. Really secure. So it should come as no surprise that the answer to...
OpenChain ISO/IEC 5230 is the International Standard for open source license compliance. Its relevance to modern software development is growing and it allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. The need to manage the software supply chain has never been more important given the ever-increasing dependence on third party...
Myths persist about the usage of open source components. The following are the top 3 concerns associated with open source use.
The software world is alive with talk of shifting left – but what does it really mean? Theoretically, it means shifting responsibility for security & compliance to developers. In practice, it largely means enriching CI/CD processes to detect problematic licenses & vulnerabilities before they reach the main branch or production. Shiri Arad Ivtsan, Director of Product Management at WhiteSource will discuss...
Encompassing over two-thirds of the average commercial software, open source has become an essential part of modern software development. Undermanaging the consumption and redistribution of open source exposes the enterprise to extensive legal and security risks and is no longer a viable option. Having an effective open source compliance program is a key differentiator marking industry-leading...
What's the difference between copyleft and permissive? Should you use a GNU GPL or MIT open source license? Open source licensing basics explained.
How to set up and implement an open source strategy that will ensure open source security and compliance.