Forrester's State of Application Security, 2020: Key Takeaways
In its 2020 AppSec report, Forrester predicts application vulnerabilities will continue to be the most common external attack method. Read the key takeaways.
Choose Your Type
Choose Your Topic
Our Latest Blog Posts
How Does GDPR Impact Open Source Security Expectations?
Learn how to be better prepared for GDPR by adopting the right tools and getting on the right side of regulation easier, while building great software and serving customers.
DevSecOps vs. SecDevOps: A Rose by Any Other Name?
The terms DevSecOps and SecDevOps are often used interchangeably. Is there any real difference between them? Let’s explore whether there’s a difference.
Gartner 2020 Magic Quadrant for Application Security Testing: Key Takeaways
Get the key takeaways of the Gartner Magic Quadrant report for Application Security Testing 2020 to learn about new and continuing trends in the market
May Open Source Security Vulnerabilities Snapshot
Learn about April's new open source security vulnerabilities, their severity, top CWEs, vulnerabilities per programming language, new XSS in jQuery XSS, and more.
Top Tools and Tips to Improve Your DevOps Pipeline
Are you ready to build your DevOps pipeline? Time to tool up with these top 7 CI/CD technologies that will help you get your feet wet.
Docker Container Security: Challenges and Best Practices
Docker is a complicated beast, and there is no simple trick you can use to maintain Docker container security. We offer a set of best practices that should help you.
Observability: What You Need to Know
Learn why observability is important to DevOps organizations with distributed systems, how observability is different from monitoring, and how to approach the three pillars of observability.
Why You Should Avoid Copy & Paste Code
Copy and pasting code from open source projects is never a good idea from a licensing, bug fix and vulnerability perspective. Read to avoid the risks.
Open Source Analysis Extends Your Visibility
Open source analysis gives you visibility into your open source code and allows you to manage your open source components.
April Open Source Security Vulnerabilities Snapshot
Check in to learn about the new open source security vulnerabilities published in March, their severity, top CWEs, vulnerabilities per programming language, new critical FastXML jackson-databind seria
Kubernetes Pod Security Policy Best Practices
Using Kubernetes pod security policies to maximum effect takes some effort. this article explains how to get the most out of Kubernetes pod security policies.
Top Zoom Backgrounds We Love For April 1st
Our humble tribute to April Fools’ Day is this collection of our favorite Zoom backgrounds from our very own Mend crew.
Tips and Tools for Open Source Compliance
Open source is becoming indispensable to businesses and its usage continuously rises. The reasons why are clear: open source components are free, stable, and enable you to focus your resources on...
How to Balance Between Security and Agile Development the Right Way
What can be done to better balance between security and agile development? What steps can be taken to ensure agile development processes are done in a secure manner?
5 Ways to Speed Up Your Software Development Process
We all constantly face the challenge of reducing time-to-market to ensure our company will not lose market share. This challenge has made time the most valuable resource for every software...
5 Tips for Using Open Source Components More Wisely
What is the best way to use open source software (OSS) components? The choices range from copying a few lines into your project’s source code base to integrating open source libraries....
Web Application Security at Every Stage of the SDLC
Developments in web applications have increased the risk of malicious attacks. know the steps to secure your enterprise.
9 Expert AppSec Predictions for 2020
AppSec experts from across the industry give their predictions for application security in 2020 and beyond.
16 Women Paving the Way in AppSec
To celebrate International Women's Day, we rounded up the most inspiring women leading the way in AppSec.
March Open Source Security Vulnerabilities Snapshot
Learn about the new open source security vulnerabilities published in February, their severity, top CWEs, vulnerabilities per programming languages
InnerSource: How Open Source Best Practices Help Enterprise Development Teams
What are the benefits of InnerSource and how can organizations adopt InnerSource to improve their internal development processes?
What You Need to Know About the New OpenSSH Security Updates
OpenSSH's new v8.2 contains security updates to protect users. Why are the updates important and what do they mean for you?
7 Open Source Projects We Love
Celebrating Valentines with a shout-out to Kubernetes, Ansible, django, Apache Cassandra, TensorFlow, and more open source projects that we love
11 Best Security Conferences to Attend in 2020
From RSA to DEF CON, from OWASP to SANS, here are our recommendations for 11 security conferences you want to attend in 2020, and why.
GitOps Basics: Developers Are Gitting Into Deployment
Is GitOps a passing trend or a DevOps practice that's here to stay? How does the GitOps pipeline work and what are the benefits?
Top Ten Open Source Security Vulnerabilities in 2019
2019 is finally behind us, and we are all already speeding through 2020, full of promise and new resolutions. While there are many things we would all rather leave in the past, the issue of open source security vulnerabilities is still as relevant as ever. To keep you all in the know, our hard-working Knowledge...
Open Source Licenses: Trends and Predictions
In this article we'll take a look at the trends of open source license usage this year and compare them to previous years.
Top 20 Developer Advocates To Follow
Developer advocates engage with developer communities to help them use their tools more productively. Read about the top developer advocates to follow in 2020.
Top 5 New Open Source Security Vulnerabilities in December 2019
December's list of top 5 new open source security vulnerabilities includes some of the most popular projects like SQLite, TensorFlow, PHP, and npm
4 Steps Developers Should Take To Use npm Securely
How can you make sure that your NPM security is covered? Here are four NPM security tips for developers.
5 Free Developer Tools We're Grateful For
Here are five free tools to help developers create and deliver innovative, high-quality, and secure software, faster.
Key Take-Aways from Gartner's Technology Insight for Software Composition Analysis Report
Gartner’s first-ever report about Software Composition Analysis (SCA) covers how SCA addresses the need for managing open source usage, and how to choose an SCA tool.
Welcome to Mend, Renovate!
Mend Renovate joins the Mend family to offer developers a free dependency update tool that automatically resolves outdated dependencies saving developers’ time, reducing risk...
Top 5 New Open Source Security Vulnerabilities in October 2019
October's top 5 new open source security vulnerabilities list includes PuTTY, Go, Kubernetes, WordPress, and handlebars
Fitting Continuous Testing Into Your DevOps Pipeline
Continuous testing or testing automation? Where and how does CT fit into your DevOps pipeline? What are the benefits and best practices? Learn how to succeed at continuous testing.