Want Your R&D Team to Rock? 7 Tips to Help Your Developers Perform Like a Supergroup
Learn how to turn your R&D team into a coding supergroup. Discover how to help your developers perform like rockstars.
Read about application security, DevSecOps, license compliance, and software supply chain security.
The National Vulnerability Database is the leading resource for software vulnerabilities. We break down what you need to know to make the most of it.
We ran the free OWASP Dependency-Check to see how it works. Here's our rundown of the pros and cons.
According to the latest open source security research report from WhiteSource, “The State of Open Source Vulnerabilities Management” for 2018, almost 97% of developers rely upon open source components in order to develop their applications nowadays. But with the recent spike in disclosed open source vulnerabilities, the question arises whether security and development teams have...
Learn about 5 female pioneers of software development we're grateful for. From Ada Lovelace to Barbara Liskov.
Learn how to overcome 3 DevOps security challenges, and how to integrate security into the DevOps pipeline.
Discover 5 common security mistakes haunting developers. Learn how to avoid vulnerabilities and protect your software from attacks.
DevSecOps represents a fundamental shift from the status quo by making security a much more collaborative effort. Applications are the business in this digital age. Securing the applications that drive your business is essential to providing safe digital experiences to your entire business ecosystem. With DevSecOps, security is automated and integrated into the development process....
September's list of Top 5 New Open Source Security Vulnerabilities includes both new and old players in the community, and vulnerabilities that are yet to be published in NVD.
Learn how to create an effective open source policy template with 3 key points to ensure compliance and enforcement.
We've highlighted 7 different open source projects which junior developers should use when starting out.
Equifax breach review reveals vulnerabilities in Apache Struts are still unpatched by many companies. Learn why remediation is crucial.
Here are the top 5 open source vulnerabilities that shocked the open source community and could still be affecting us as we speak.
DevOps and DevSecOps are a generation apart from each other, representing a natural evolution to the integration of automated security into the DevOps movement.
Our research team has put together a list of July’s top 5 new known open source security vulnerabilities, collected by the Mend database.
Explore the pros & cons of dual licensing for open source components. Learn how it works, its benefits, challenges, & compliance requirements.
If you’re looking to draw in investors, get yourself ready for a startup due diligence process. Prepare your startup for due diligence with these guidelines.
Despite the problems that DevOps solves, there are common mistakes that DevOps teams commit while working together to deliver the companies’ products.
Discover Bit, Mend's Open Source Project of the Month for July 2018. Learn how Bit streamlines software component sharing and collaboration.
Why does the “Drupalgeddon 2.0” vulnerability leave so many Drupal users exposed despite the fact that there is an available fix out there?
Discover and dispel 6 common concerns around using open source software in applications. Learn how to mitigate risks and harness its power.
Learn about the flaws in the Common Vulnerability Scoring System and how it may impact security professionals.
What happens when a cyber security researcher discovers a vulnerability? And what do you do when a vulnerability in a component you use has been disclosed?
Using components with known vulnerabilities is one of OWASP's top 10 vulnerabilities. We explain the best way to deal with that risk.
WhiteSource’s Reut Netzer was featured in IMA’s Webinar. Reut presented The Top 3 Strategies to Reduce Your Open Source Security Risks. Please note that this webinar was in French.
Explore 7 groundbreaking Chinese open source projects like Vue and Dragonfly.
We’ve put together a list of the top 5 Linux Vulnerabilities that hit organizations so far in 2018, aggregated by the Mend database.
OS are valuable reusable software components. Hackers love them for targeting multiple victims. Learn how to defend against known vulnerabilities.
Learn about CVSS v3 and the challenges it brings for developers. Understand how to prioritize remediations & utilize effective usage analysis.
The folks behind the creative projects assembled below took name creation to a new level. We have sought out some of the strangest and cleverest open source project names.
Financial institutions fall victim to breaches more often than companies in other industries. This is our breakdown of the top three challenges that we think fintechs should address head-on, yesterday.
DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve. What’s needed to...
We’ve put together a list of April’s top 5 new known open source security vulnerabilities, aggregated by the Mend database.
When a developer says something, more often than not it means something entirely different from their perspective. The same can be said of their jokes. Here are the top 5 we found.
Learn how to ensure you're using high-quality open source components with tips on security, licensing, and quality assessment.
The Equifax breach was the largest single breach in history, with 145.5 million records being uncovered. Today, 6 months later, we look at the industry and see what we have learned from Equifax.