Welcome to Mend Blog

Read about application security, DevSecOps, open source license compliance and audit

Our Latest Blog Posts

Are You CODEfident?

We’ve been watching the global transition to an app-driven world for some time now, as companies develop and deploy innovative software at warp speed. And we’ve also watched application security teams struggle to keep up. Many try to use yesterday’s tools for today’s AppSec reality, while others wrestle with immature application security programs. And that’s...

Growth Through Mentorship at Mend

It’s a common claim from many companies that their people are their most valuable asset. What’s less common, however, is the evidence to back this up. But at Mend, we have matched our commitment to our teams with learning and development opportunities to support the personal and professional growth of our Menders. As the company...

White House Issues New Guidelines on Software Supply Chain Security – What Are the Challenges and Possible Outcomes?

The White House and the Executive Office of the President of the U.S. have just issued a memorandum of guidelines to enhance the security of the software supply chain through secure software development practices. This follows two new acts from the U.S. Congress that strengthen cybersecurity and information security, and an executive order on cybersecurity from the office of the U.S. President. Discover what their key points are, why they've been introduced, and how they might shape the future of cybersecurity.

Application Security Debt – Warnings and Solutions

In an interview with Michael Vizard from the Techstrong Group, Jeff Martin, VP product for Mend, outlines his view on why security must now be an integral part of shipping software, how far security automation can currently go, and the importance of making security a vital part of developers’ education.

3 Key Questions for Smart AppSec Automation

Automating AppSec could prove tremendously helpful, but many security teams are slow to trust automated tools. These three questions can help cybersecurity professionals embrace automation without increasing risk.

Empowering Women for Leadership at Mend

Mend marks Women’s Equality Day by describing how the company meets the challenge of equality with its “Ready to Grow” program, and the success it has achieved so far in promoting equality in leadership and opportunities for women and others.

Attacker Floods npm With Crypto-Mining Packages that Mine Monero When Installed with Default Configuration

Monero (XMR) is an open-source, privacy-oriented cryptocurrency that was launched in 2014. It uses a public distributed ledger containing technology that obscures transaction details to ensure the anonymity of its users. Monero maintains egalitarian mining, allowing anyone to participate. As tempting as it may seem, some go a step further and use the infrastructure of...

Statement from Mend on the U.S. Supreme Court Decision

In light of the Supreme Court decision in Dobbs versus Jackson Women’s Healthcare, which nullified the federal right to an abortion, we remain committed to protecting the rights of our employees. The health and well-being of our Mend team members are paramount to all that we do, and we do not take this news lightly. ...

RSA 2022–What a Week! 

After two years of virtual events, the Mend team was beyond excited to gather in San Francisco’s Moscone Center and connect with the tech community face to face. This year’s theme was ‘transformation,’ which couldn’t be more appropriate for us as we unveiled our new company name and integrated application security platform with automated remediation...

The Era of Automated SAST has Begun

Introducing the Mend Application Security Platform, which offers automated remediation for both open source and custom code.