Mend.io Resource Center

Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.

Choose Your Type

Choose Your Topic

Our Latest Content

Are You CODEfident?

We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s...

Building a Modern Application Security Strategy for an App-Run World

As a foundational element of the online world, applications are a top target for threat actors. However, traditional application security (AppSec) strategies often prove ineffective. To adapt and defend against our constantly evolving threat landscape, organizations need to build a modern AppSec strategy based on today’s digital world. Join Jeffrey Martin, VP of Outbound Product...

White House Issues New Guidelines on Software Supply Chain Security – What Are the Challenges and Possible Outcomes?

The White House and the Executive Office of the President of the U.S, issued a memorandum of guidelines to enhance the security of the software supply chain through secure software development practices. Discover what their key points are, why they've been introduced, and how they might shape the future of cybersecurity.

Attacker Floods npm With Crypto-Mining Packages that Mine Monero When Installed with Default Configuration

Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of...