Read about application security, DevSecOps, open source license compliance and audit
Learn what happened, the impact of the attack, how it was discovered, and what you can do to prevent it from affecting your apps.
The financial sector has embraced open source; now it needs to manage and secure it using a Software Composition Analysis solution.
The Forrester Wave on Software Composition Analysis helps identify which vendor offers the best solution for protecting your open source.
Mend hosted industry experts at a roundtable to provide their insights and tips on the challenges of digital native security.
An in-depth look at Prototype Pollution vulnerabilities and how to mitigate them.
Learn how packages’ external resources threaten your supply chain, and how you can mitigate the risks.
Let’s look at 5 organizations that teach programming to kids to nurture the next generation of software developers while also trying to close the gender and race gap in tech.
Mend, in partnership with Jonathan Leitschuh, found over 100,000 libraries affected by Maven vulnerability CVE-2021-26291.
Learn how developers can adopt easy practices to secure the open source supply chain without slowing down development.
The relationship between security and developers has traditionally been like two teams competing in a tug-of-war. On one end, developers are pulling to produce functional products at breakneck...
To incorporate security into your DevOps cycle, you need to know the most innovative automated DevSecOps tools around that will help you secure your application without slowing you down.
In the hopes of clearing up some of the confusion, we’ve mapped out some of the elements that can help us conduct an actionable open source license comparison.
President Biden’s executive order places strict standards on software sold to the US government. Learn about the executive order and software supply chain attacks.
Many enterprises consider applications to be the highest security risk. This survey by Ponemon Institute looks at AppSec risks.
We analyzed published open source security vulnerabilities in Struts and Spring to learn more about the state of vulnerability management.
Read the latest supply chain security news and updates to learn about new supply chain methods exploited in April.
Learn what a developer security champion is and how it will help your developers shift security left.