Six Top Tips For Holistic AppSec and Software Supply Chain Security
Learn six top tips for great holistic AppSec and software supply chain security.
Choose Your Type
Choose Your Topic
Our Latest Content
Turnover, Relationships, and Tools in Cybersecurity
Mend.io’s Chris Lindsey offers his advice on dealing with security team turnover, building relationships with developers, and choosing the best security tools.
Building Security Culture Starts with Building Relationships
Development and security teams should be friends, not adversaries. Learn how to build trust and empathy between your teams.
What New Security Threats Arise from The Boom in AI and LLMs?
Learn about the big threats that come with AI and LLM technology.
Securing Cloud-Native Applications Across the Software Development Life Cycle
Learn how to apply security and risk reduction techniques at each stage of the SDLC. And, why automating risk reduction is the only way to reduce cloud-native application risk at an enterprise scale.
Let’s Embrace Death in the Software Development Lifecycle
At some point we must say goodbye to our beloved products. Mend.io VP of Product Jeff Martin explains why letting go keeps companies alive.
New ESG Research Report Outlines Best Practices for Effective Application Security Programs
Learn what the latest research says about why application security programs struggle and what you can do to strengthen your AppSec.
Why The US Government Continues to Push for Software Supply Chain Security
What goals arose from the OpenSFF summit and what do they tell us about the US government’s stance on software supply chain security?
Cybersecurity Awareness Month 2023: Five Reasons You Need Automatic Software Updates for Your Application Security.
To mark Cybersecurity Awareness Month 2023, discover five key reasons why automated software updates are so vital for your application security.
Holistic AppSec and Software Supply Chain Security
Learn practical steps to building a sustainable application and software supply chain security strategy that meets today’s business demands and those that may arise in the future.
What Role Should Dependency Management Play as the Regulation of the Software Supply Chain Escalates?
Discover why and how dependency management has become more significant as regulation and governance of the software supply chain escalates.
Adversaries Are Using Automation. Software Vendors Must Catch Up
Attackers are using automation to escalate their attacks. Here’s why and how you can use automation to defend your apps, software and codebase.
Communicating the Value of Your Company With SBOMs
An SBOM is more than just a box to tick, it’s an opportunity to build trust with your customers. Here’s why and how to do that.
Software Supply Chain Security: The Basics and Four Critical Best Practices
Learn about supply chain security, supply chain attacks, and how to protect your organization against this severe threat.
How Software Supply Chain Security Regulation Will Develop, and What Will It Look Like?
Discover how software supply chain security regulations could develop and evolve, and what the outcome could be.
Why Legal Regulation Shifts Responsibility for Software Supply Chain Security to Vendors
The recent publication of cybersecurity strategies by governments of leading economies could create significant change in software supply chain security by shifting responsibility towards vendors and imposing best practices. This blog looks at why this is happening, what the changes might be, and what challenges they could pose.
Are You Protected from the 12 Most Exploited Vulnerabilities?
Discover the 12 most exploited vulnerabilities that threaten organizations’ software and what dependency management strategies and tools will protect you from them.
The State of Supply Chain Threats
Download this report to learn what organizations are doing to mitigate software supply chain risk.
Eight Considerations for Thwarting Malicious Packages
Discover eight key considerations to help you thwart the escalating threat of malicious packages and secure your software and applications.
Handling Open Source Context Licensing: Wrong Answers Only
Learn more about the need to identify open-source code and the license types being used. And, why you need to identify not just direct dependencies but also transitive dependencies.
What You Can Do to Stop Software Supply Chain Attacks
Discover the best practices you can employ to strengthen your software supply chain security.
How Software Supply Chain Attacks Work, and How to Assess Your Software Supply Chain Security
Discover how software supply chain attacks work, their typical characteristics, and how you can assess the security of your software supply chain.
Seven DevSecOps Best Practices: Challenges and How to Address Them
Discover seven key considerations for a successful and secure DevSecOps methodology to secure your software supply chain.
Operationalizing DevSecOps
Join Shiri Arad Ivtsan, Senior Director of Product Management - Mend.io, in this editorial roundtable to explore the challenges DevOps teams and developers face in operationalizing security into their workflows and processes, and how AI and automation can help.
What Risks Do You Run from Brandjacking, and How Do You Overcome Them?
What is brandjacking, why is it such a threat, and what role do AppSec security practices play in thwarting it?
What Cybersecurity Risks Does Typosquatting Pose, and How Can You Beat Them?
Find out what typosquatting is, why it is such a threat, and what you can do to stop it.
SBOMs: A Roadmap for a Secure Software Journey
Join Jeff Martin, Vice President of Product Management - Mend.io to learn how software supply chain threats and increasing regulatory pressures make supply chain security a top priority for software organizations.
Strange Bedfellows: Software, Security and the Law
Join Sam Quackenbush, Sr. Director of Field Innovation & Strategy – Mend.io for this live panel roundtable to discuss some of the top cyberlaw and legal topics affecting software supply chain security.
Why is Software Vulnerability Patching Crucial for Your Software and Application Security?
Find out what software vulnerability patching is and why it's important for software and application security.
Software Supply Chain Compliance: Ensuring Security and Trust in Your Software and Applications
Find out the key facts about software supply chain compliance, why it’s important and how best to implement it.
Malicious Packages: A Growing Threat to the Software Supply Chain
In addition to the growing number of vulnerabilities, today’s security teams face the emerging challenge of malicious packages. Learn how to secure your applications with this White Paper.
How Does SLSA Help Strengthen Software Supply Chain Security?
Find out what SLSA is and how it contributes to software supply chain security.
Five Tips for Using SBOMs to Boost Supply Chain Security
Discover why SBOMs are so important for software supply chain security and how you can best use them to secure your software and applications.
Mend.io Launches AppSec Risk Assessment Program
Mend.io announces a new initiative designed to make it easier than ever for organizations to visualize and remediate their biggest sources of risk
Understanding the Anatomy of a Malicious Package Attack
Learn why malicious packages are a growing threat to application security, how they work, and what you can do to stop them
How Supply Chain Attacks Work – And What You Can Do to Stop Them
In this webinar, learn the stages of a software supply chain attack and the different types of attacks to look for.