Mend.io Resource Center

Read about application security, DevSecOps, license compliance, and software supply chain security.

Choose Your Type

Choose Your Topic

Our Latest Content

Panel: The Next Generation of Application Security

Application security is an effective tool for defending against attacks. But as IT infrastructures shift to “software-defined everything” and move to the cloud, traditional AppSec models no longer are enough to protect the application. This webinar takes a look at how companies are addressing new models to address more dispersed and dynamically connected applications, from...

Taking Open Source Security to the Next Level

Join us for a webinar featuring Forrester VP and Research Director Amy DeMartine to learn more about why open source security has become critical for securing modern applications, the main considerations when evaluating an open source security and license compliance solution and what she sees in store for the future. Additionally, WhiteSource Senior Director of...

360° Kubernetes Security: From Source Code to K8s Configuration Security

Kubernetes has become the default way for many organizations to scale and orchestrate their use of containers. However, organizations are starting to find themselves needing to take the necessary steps to protect their containers. Automating security checks throughout the development life cycle can help reduce risk and allow organizations to develop and deploy securely. Join Shiri Ivstan, Senior Product Manager at WhiteSource and Yaniv Peleg Tsabari, Senior...

Webinar: Deep Dive into Container Security

Many organizations are using containers to develop and manage their applications. Containers enable development teams work faster, deploy more easily and efficiently, and operate at a much larger scale. However, there are many security measures that need to be taken across the entire software development lifecycle, especially when it comes to open source security. In...

Panel Discussion: 10 Tips for Achieving Cultural Change in DevOps

DevOps success depends on three things: people, processes and tools. While tools and processes can be easy enough to address, the people part of the equation can be more difficult to tackle. Changing the culture of an organization can be akin to turning a cruise ship midstream. Join this webinar to hear the top 10...

Webinar: Demystifying PCI Software Security Framework

The Payment Card Industry (PCI) Security Standards Council recently released a new security framework to replace the previous standard (PCI PA-DSS). The new framework is set to better address the changes that the software development industry has seen in the past few years. Agile and DevOps methodologies, cloud and containerized environments and widespread open source...

Panel: DevOps Takes On The World

DevOps is a global phenomenon, with organizations in countries far and wide adopting DevOps tools, processes and culture to increase the speed, efficiency and reliability of their applications. In this webinar, we’ll delve into why DevOps has such a global reach and take a look at some of the international companies that have found success...

Transforming from DevOps to DevSecOps at Scale

Many security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy orders of magnitude faster than human gating can achieve. Similarly, security groups believe that policy enforcement is their biggest (only?) lever… “If we can just update the...

Container Security at the Speed of CI/CD

DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal – Office of the CISO at AWS, as he discusses and shows: – how public cloud technology enables you to fully embrace security automation in your infrastructure – how to account security using managed...

Webinar: Lessons Learnt By An Agent Of Chaos From DevOps

Is your organization ready to embrace a DevOps mindset? Receive a pragmatic view from an agent of chaos, who’s promoting the goal for a single continuous integration and delivery pipeline, shifting testing, security, code reviews, and other opportunities to improve information sharing and quality to the left, shifting configuration to the right, and most importantly,...

Webinar: Do Your Pipelines Remember? They Must If You Want to Go Fast With Static Analysis

All static analysis tools produce false positives, and often require developer context to determine exploitability of a security risk. Automating a static scan is usually straightforward but building automation workflows around SAST findings require that your Pipelines become smarter over time. Optimizing the data provided by SAST tools is an often overlooked aspect to integrating...

DevSecOps In The Cloud Is More Than Just CI/CD

DevSecOps is often associated with securing a development pipeline in traditional CI/CD frameworks. Join this session, held by Henrik Johansson, Principal – Office of the CISO at AWS, as he discusses and shows: – how public cloud technology enables you to fully embrace security automation in your infrastructure – how to account security using managed...

Securing Container-Based Applications at the Speed of DevOps

Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security...