Read about application security, DevSecOps, open source license compliance and audit
Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of...
Understand how software supply chains work in large enterprises, discover the most important elements of software supply chain management, and how Mend can address them.
On June 6th, 2022, the Mend research team detected and flagged a malicious dependency confusion attack in npm exfiltrating Windows SAM and SYSTEM files.
Mend announces integration of Supply Chain Defender (formerly Diffend) with JFrog Artifactory Plug-In.
When it comes to rebranding, it’s not about the destination, it’s about the journey How important is a company name, really? Turns out that it is pretty important, especially if the name you currently have does not represent what the company has become, or where it is going. Our name is what defines the vision,...
Volunteer delegation and charitable donations made to assist and aid those fleeing the crisis in the Ukraine
Learn about the NIST C-SCRM program, its approach to supply chain security, and 4 critical best practices NIST recommends to secure your digital supply chains.
Learn how vulnerability assessment tools work, key features and capabilities, and discover five great tools that can help you scan and remediate vulnerabilities.
From the factory floor to online shopping, the benefits of automation are clear: Larger quantities of products and services can be produced much faster. But automation can also be used for malicious purposes, as illustrated by the ongoing software supply chain attack targeting the NPM package repository. By automating the process of creating and publishing...
Learn how the most popular JavaScript package manager, npm, is being used by malicious actors to launch attacks, run botnets and steal credentials and cryptocurrency. Attend this webinar to: Gain insight into the 1,300 malicious npm packages found by WhiteSource Diffend Learn how threat actors are using npms to launch attacks—and how to stop them...
Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.
Learn how to implement a software supply chain risk management strategy in your enterprise. Discover risk management best practices, benefits, and more.