5 Scary Security Mistakes That Are Haunting Your Developers
Halloween special: teams of developers aren't haunted by your typical ghosts, witches, and vampires. So what are developers really afraid of?
Read about application security, DevSecOps, license compliance, and software supply chain security.
DevSecOps represents a fundamental shift from the status quo by making security a much more collaborative effort. Applications are the business in this digital age. Securing the applications that drive your business is essential to providing safe digital experiences to your entire business ecosystem. With DevSecOps, security is automated and integrated into the development process....
September's list of Top 5 New Open Source Security Vulnerabilities includes both new and old players in the community, and vulnerabilities that are yet to be published in NVD.
How to create an open source policy template without leaving out critical aspects of policy implementation. Read these three crucial points.
We've highlighted 7 different open source projects which junior developers should use when starting out.
One year after the Equifax data breach, what are organizations doing to address vulnerable open source components?
Here are the top 5 open source vulnerabilities that shocked the open source community and could still be affecting us as we speak.
DevOps and DevSecOps are a generation apart from each other, representing a natural evolution to the integration of automated security into the DevOps movement.
Our research team has put together a list of July’s top 5 new known open source security vulnerabilities, collected by the Mend database.
Dual licensing for open source components: why companies use both GPL and commercial license for one product.
If you’re looking to draw in investors get yourself ready for a startup due diligence process. Prepare your startup for due diligence with these guidelines.
Despite the problems that DevOps solves, there are common mistakes that DevOps teams commit while working together to deliver the companies’ products.
Bit is Mend's open source project of the month for July 2018. Bit helps speed software development through collaboration and reuse of code components.
Why does the “Drupalgeddon 2.0” vulnerability leave so many Drupal users exposed despite the fact that there is an available fix out there?
How many times have you heard that "open source is not secure". We are here to dispel this and other open source software security concerns.
Prioritization based on real knowledge of where your organization is most at risk can play a big role in the proper allocation of resources. Does CVSS V3 help you prioritize?
What happens when a cyber security researcher discovers a vulnerability? And what do you do when a vulnerability in a component you use has been disclosed?
Using components with known vulnerabilities is one of OWASP's top 10 vulnerabilities. We explain the best way to deal with that risk.
WhiteSource’s Reut Netzer was featured in IMA’s Webinar. Reut presented The Top 3 Strategies to Reduce Your Open Source Security Risks. Please note that this webinar was in French.
In recent years, we have seen significant growth in the number of Chinese repositories on sites like GitHub as developers contribute to local projects. We highlight 7 of them.
We’ve put together a list of the top 5 Linux Vulnerabilities that hit organizations so far in 2018, aggregated by the Mend database.
OS are valuable reusable software components. Hackers love them for targeting multiple victims. Learn how to defend against known vulnerabilities.
We explain why CVSS v3 is challenging developers in prioritizing open source vulnerabilities and how determining vulnerabilities’ effectiveness may help.
The folks behind the creative projects assembled below took name creation to a new level. We have sought out some of the strangest and cleverest open source project names.
Financial institutions fall victim to breaches more often than companies in other industries. This is our breakdown of the top three challenges that we think fintechs should address head-on, yesterday.
DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve. What’s needed to...
We’ve put together a list of April’s top 5 new known open source security vulnerabilities, aggregated by the Mend database.
When a developer says something, more often than not it means something entirely different from their perspective. The same can be said of their jokes. Here are the top 5 we found.
Way back in the day (in software production speak that means three years ago), professionals in our ecosystem were still going back and forth about free and open source software vs. proprietary....
The Equifax breach was the largest single breach in history, with 145.5 million records being uncovered. Today, 6 months later, we look at the industry and see what we have learned from Equifax.
Our research team analyzed our database of over 3M open source components and 70M source files to see which open source licenses were most popular in 2017, in comparison to 2016.
This month’s roundup of the top 5 new open source security vulnerabilities was aggregated by the Mend database, which is updated continuously from the NVD.
Love it or hate it, the annual RSA Conference (RSAC) in San Francisco is the largest cyber security conference in the world. It is where the world comes to talk and learn security. Inevitably every year at RSAC there are some technologies that become the industry buzzwords and hot buttons. These generally stay on top of...
Cheer on your favorite repositories as they go for the win. Few things in the world of programming are as universal as GitHub. Boasting over 4 million users, the code-sharing site prides itself on...
The world of how work gets done has changed dramatically, moving at a faster pace with a far greater emphasis on collaboration for improving productivity. Today, virtually all software has a cloud...
Open Source has become the key building block for application development in today’s market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. In this webinar, we will...