What’s Driving the Adoption of SBOMs? What’s Next for Them?
Discover two of the key drivers behind the demand and adoption of SBOMs: technical and legislative.
Learn more about application security, DevSecOps, license compliance, supply chain security, and malicious packages.
Mend.io research discovered a threat actor takeover of the name ‘gemnasium-gitlab-service’, a retired Ruby gem with more than two million downloads. Existing projects that haven't updated their dependencies might unwittingly pull in this new version, assuming it's a continuation of the original. Given that the new gem is now controlled by an unknown entity, it could be altered to include malicious code or to perform undesirable actions.
Learn how Mend.io integration enhancements for Jira Security build seamless adoption and collaborative DevSecOps.
We’re proud to announce that Mend has been recognized as a Visionary in the 2023 Gartner Magic Quadrant for Application Security Testing.
Learn why open source license compliance is essential and what you can do to ensure compliance in readiness for M&A activity.
Learn more about challenges, best practices, and good strategies for dependency management, and discover our three favorite tips.
Find out what a Software Composition Analysis tool is and why it should be part of your application security portfolio.
Open source code package repositories allow anyone to store or publish packages, and unfortunately that can include packages containing malware. These are known as malicious packages. Read on to learn about what they are and how they work.
Learn how to choose an SBOM format that fits your company’s needs.
Key takeaways from five of the more noteworthy sessions we attended at RSA 2023.
What Mend.io’s collaboration with Kondukto’s new Demo Hub means when choosing your AppSec solution.
What do Australia’s cybersecurity plans teach us all about the need for advanced application security?
Read on to hear our predictions on the hot topics at RSA this year, and what Mend.io will be up to at the show.
Discover Mend.io's new enhancement to its Jira integration capabilities.
Mend.io has achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes that Mend.io has demonstrated proven technology and deep expertise to help customers achieve cloud security goals and reinforces Mend.io’s position as a trusted member of the AWS Partner Network (APN).
A new malicious package named ‘Vibranced’ has been detected on the Node Package Manager (npm) repository and poses a significant threat to users who may unknowingly install it. The package has been carefully crafted to mimic the popular ‘colors’ package.
Research from Mend.io’s new Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities illustrates the growing threat of malicious packages, including a 315 percent increase in attacks from 2021 to 2022.
Discover how vulnerabilities in healthcare tech can threaten lives, and how the U.S. FDA has been granted authority to improve the security of medical devices and apps.
What are the implications for application security of the EU’s new cybersecurity regulations?
Learn why you should scan applications in the repository to accelerate and improve your application security.
The International Transgender Day of Visibility celebrates transgender people, shines a light on the discrimination they face worldwide, and celebrates their contributions to society.
Discover how integrating AppSec into your repository, like Bitbucket Cloud, can improve and simplify your application security.
Mend celebrates ten trailblazing women in tech for Women’s History Month.
How does the shift to the Cloud affect application security?
How do fintech companies address the risks posed by vulnerabilities like Spring4Shell? Here’s how Mend tackled the issue for MSCI to speedily thwart any potential threats.
Discover the key considerations for building successful cloud security, according to a recent panel discussion attended by Mend’s Jack Marsal.
Learn the five key principles of modern application security and why they’re so vital.
Kubernetes security should be a primary concern and not an afterthought. Learn how to avoid risks by applying security best practices.
Mend celebrates International Women’s Day with insights from some of our talented women about building a career in technology.
Discover how financial services are embracing open source in this summary of the Fintech Open Source Foundation’s latest report.
New Biden Cybersecurity Strategy Assigns Responsibility to Tech Firms
Learn who should take responsibility for application security, according to Mend VP of Product Management Jeffrey Martin.
Learn about the key findings of Mend’s Open Source Risk Report, and how to secure your software supply chain.
Learn how CI/CD (continuous integration/continuous delivery) pushes frequent, incremental software updates & fixes regardless of size using automation tools.
Discover how you can build an effective modern application security program by increasing awareness and understanding in your organization.
Discover the essential features and best practices you should have in your license management tool.