Creating Your Open Source Policy Template: 3 Points You Don’t Want to Overlook
How to create an open source policy templates without leaving out critical aspects of policy implementation. Read these three crucial points.
Choose Your Type
Choose Your Topic
Our Latest Content
Top Open Source Projects To Use For Junior Developers
We've highlighted 7 different open source projects which junior developers should use when starting out.
Equifax Breach Year in Review: Vulnerabilities in Apache Struts Still Going Strong
One Year to the Equifax data breach, what are organizations doing to address vulnerable open source components?
Zombies: Top 5 Open Source Vulnerabilities That Refuse To Die
Here are the top 5 open source vulnerabilities that shocked the open source community and could still be affecting us as we speak.
The Next Generation of DevOps Adds Security into the Blend
DevOps and DevSecOps are a generation apart from each other, representing a natural evolution to the integration of automated security into the DevOps movement.
Top 5 New Open Source Security Vulnerabilities in July 2018
Our research team has put together a list of July’s top 5 new known open source security vulnerabilities, collected by the Mend database.
Dual Licensing for Open Source Components: Yeah or Meh?
Dual licensing for open source components: why companies use both GPL and commercial license for one product.
8 Startup Due Diligence Questions You want to Be Asking
If you’re looking to draw in investors get yourself ready for a startup due diligence process. Prepare your startup for due diligence with these guidelines.
The 5 Common Mistakes Your Devops Team is Making
Despite the problems that DevOps solves, there are common mistakes that DevOps teams commit while working together to deliver the companies’ products.
Bit — Mend’s Open Source Project of the Month for July 2018
Bit is Mend's open source project of the month for July 2018. Bit helps speed software development through collaboration and reuse of code components.
Why Drupalgeddon 2.0 May Still Be A Threat To Your Website
Why does the “Drupalgeddon 2.0” vulnerability leave so many Drupal users exposed despite the fact that there is an available fix out there?
6 Open Source Software Security Concerns Dispelled
How many times have you heard that "open source is not secure". We are here to dispel this and other open source software security concerns.
CVSS v3 Is Still Missing The Target For Prioritization
Prioritization based on real knowledge of where your organization is most at risk can play a big role the proper allocation of resources. Does CVSS V3 help you prioritize?
Vulnerability Disclosure: Find the Bugs in Your Code Before the Hackers Do
What happens when a cyber security researcher discovers a vulnerability? and what do you do when a vulnerability in a component you use has been disclosed?
You Can’t Ignore Using Components With Known Vulnerabilities
Using components with known vulnerabilities is one of OWASPs' top 10 vulnerabilities. We explain what is the best way to deal with that risk.
IMA- The Top 3 Strategies To Reduce Your Open Source Security Risks
WhiteSource’s Reut Netzer was featured in IMA’s Webinar. Reut presented The Top 3 Strategies to Reduce Your Open Source Security Risks. Please note that this webinar was in French.
7 Chinese Open Source Projects You Should Know About
In recent years, we have seen significant growth in the number of Chinese repositories on sites like GitHub as developers contribute to local projects. We highlight 7 of them.
Top 5 Linux Kernel Vulnerabilities in 2018
We’ve put together a list of the top 5 Linux Vulnerabilities that hit organizations so far in 2018, aggregated by the Mend database.
Known Open Source Vulnerabilities in Reusable Software Components: a Golden Goose For Hackers
OS are valuable reusable software components. Hackers love them for targeting multiple victims. Learn how to defend against known vulnerabilities.
CVSS v3 Creates New Challenges For Developers
We explain why CVSS v3 is challenging developers in prioritizing open source vulnerabilities and how determining vulnerabilities’ effectiveness may help.
Top 10 Weirdest Names for Open Source Projects
The folks behind these creative projects assembled below took the name creation to a new level. We have sought out some of the strangest and cleverest open source project names
Top 3 Challenges to Fintech in a Post-Equifax World
financial institutions fall victim to breaches more often than companies in other industries.This is our breakdown of the top three challenges that we think fintechs should address head-on, yesterday.
Webinar: a lean-agile approach to achieving DevSecOps culture
DevSecOps offerings that are just DevOps lipstick on a traditional security-as-a-gate pig. Also, security specialists, especially at large organizations, believe that better security comes from robust independent gating. On the other hand, DevOps has proven that you can safely deploy an order of magnitude or more faster than human gating can achieve. What’s needed to...
Top 5 New Open Source Vulnerabilities in April 2018
We’ve put together a list of April’s top 5 new known open source security vulnerabilities, aggregated by the Mend database.
Top 5 Developer Jokes Explained (Because We Don’t Get Them Either)
When a developer says something, it more often than not, it means something entirely different from their perspective. The same can be said of their jokes.Here are the top 5 we found.
How Can We Make Sure We’re Using High-Quality Open Source Components?
Way back in the day (in software production speak that means three years ago), professionals in our ecosystem were still going back and forth about free and open source software vs. proprietary....
The Equifax Hack: 6 Months Later, What Did We Learn?
The Equifax breach was the largest single breach in history, with 145.5 million records being uncovered. Today, 6 months later, we look at the industry and see what we have learned from Equifax.
Open Source License Trends: 2017 vs. 2016
Our research team analyzed our database of over 3M open source components and 70M source files, to see which open source licenses were most popular in 2017, in comparison to 2016
Top 5 New Open Source Vulnerabilities in March 2018
This month’s roundup of the top 5 new open source security vulnerabilities, was aggregated by the Mend database, which is updated continuously from the NVD
Panel Discussion: What’s Hot in the Cyber Security Space
Love it or hate, the annual RSA Conference (RSAC) in San Francisco is the largest cyber security conference in the world. It is where the world comes to talk and learn security. Inevitably every year at RSAC there are some technologies that become the industry buzzwords and hot buttons. These generally stay on top of...
March Madness Comes to GitHub
Cheer on your favorite repositories as they go for the win Few things in the world of programming are as universal as GitHub. Boasting over 4 million users, the code-sharing site prides itself on...
How to Keep Your Apps Secure After Moving to SaaS From On-Prem
The world of how work gets done has changed dramatically, moving at a faster pace with a far greater emphasis on collaboration for improving productivity. Today, virtually all software has a cloud...
Webinar: 5 Things Every CISO Needs To Know About OS Security
Open Source has become the key building block for application development in today’s market, where companies are under constant pressure to accelerate time to market. The increasing adoption of open source components, however, has introduced new security challenges that most teams are not prepared to mitigate in their current posture. In this webinar, we will...
Staying on Top of Your Organization’s Technical Debt
The famous, American poet Emily Dickinson is credited back in the 19th century as stating that “forever is composed of nows.” Today, the world of software is all about rapid releases, innovative...
Top 5 New Open Source Vulnerabilities in February 2018
Top 5 New Open Source Vulnerabilities in February 2018 Some things never change. For starters, February started with Punxsutawney Phil, the hero of Groundhog Day, once again coming out of...
The Top 10 Companies Contributing to Open Source
Which company’s GitHub users are the most active contributors when it comes to the top open source languages?