Welcome to Mend Blog

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Blog Posts

Software and AppSec Challenges and Opportunities in Banking and Fintech — Part Three

In the third and final part of our blog series on software and application security challenges and opportunities in banking and fintech, we look at some more considerations that were discussed in our recent webinar, featuring Rhys Arkins, Mend’s VP of Product Management; James McLeod, Director of Community of the Fintech Open Source Foundation (FINOS);...

Yandex Data Leak Triggers Malicious Package Publication

It would be big news, to say the least, if a large quantity of Google source code found its way into the public domain. Now imagine if the leak also included source code from Amazon and Uber. That’s the scale of the data leak that hit Russian tech giant Yandex. The risk here is that...

Application Security Requires Concerted, Continuous Efforts

According to Forrester Research, applications are the top cause of external breaches because cybercriminals consider them to be one of the easiest entry points to attack organizations’ code bases. As supply chain attacks increase, it has become increasingly important for organizations to implement and maintain a continuous application security program and make it a priority. ...

How to Manage Risk Effectively in Cloud-Native Environments

We’ve all got our heads in the cloud, or if not yet, we’re well on our way there. In other words, the process of digital transformation is happening at such a pace that almost all organizations will soon be working in the cloud and using cloud-native technology. Analyst Gartner has predicted that by 2025, over...

Building a Modern Application Security Strategy. Part One: Threats, Opportunities, and Challenges

First of a two-part series The online world is now packed with applications, so it’s unsurprising that they’re a top target for threat actors. However, traditional application security (AppSec) strategies often prove ineffective. To defend themselves against the rapidly evolving threat landscape, organizations need to build a modern AppSec strategy that addresses these fast-changing conditions....

In Modern AppSec, DevSecOps Demands Cultural Change

Building a modern application security program requires a robust DevSecOps environment built on collaboration. For many companies, that means shifting away from IT silos towards a shared-responsibility mindset regarding security across the organization.

Renovate Reaches 10K!

The Renovate open source project for automating dependency update hit some big Github milestones, so we put together a little appreciation for our favorite dependency update bot.