Mend.io Resource Center

Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.

Choose Your Type

Choose Your Topic

Our Latest Content

FINOS: The 2022 State of Open Source in Financial Services

This report identifies the extent to which the financial services industry is active in open source, creating a baseline of understanding of governance, leadership, consumption, contribution, culture, and overall open source aspiration. Further, the report highlights the obstacles and challenges to improving industry-wide collaboration and concludes with a set of actionable insights for improving the...

The CISO’s Guide to AppSec Innovation

Threat actors operate by an ironclad rule: If it’s important to businesses, it’s important to them. And they certainly understand the crucial business role of applications. Applications are now the number one attack vector, while software supply chain attacks increased 650 percent in a year. Clearly, if you don’t already have a modern application security...

Guide to Open Source Software Security

This white paper from Mend, the market leader in SCA, explains how to build an open source security program that gives you confidence that everything is visible, policies are being followed, and your developers are actually using the security tools provided for them. Learn how to build your open source security program today – download...

More Security, Less Tool Switching: Mend SCA for Bitbucket Cloud

Your Bitbucket Cloud repos are key to building best-in-breed applications and a great place to shift left for better open source security. With other software composition analysis (SCA) tools, keeping your repos safe can be a cumbersome process requiring frequent tool-switching. Now, you can integrate world-class open source security that automates remediation and reduces mean...

Application Security Roundtable Discussion

Recent high-profile software supply chain breaches have sharpened the focus on application security. However, as cybersecurity professionals know all too well, concern doesn’t always equate to action. In theory, the rise of DevSecOps best practices that shift responsibility for application security further left should reduce, or outright eliminate, the vulnerabilities that now routinely make it...

AWS-Mend Fireside Chat: Building a Modern AppSec Program

The modern AppSec approach includes strategies and technologies that help teams prioritize. By giving them tools that efficiently identify security vulnerabilities that present the biggest risk, they can address them as quickly as possible. Learn how you can implement these strategies in a fireside chat with the experts from Amazon Web Services (AWS) and Mend....

The Need for Speed: Accelerated AppSec Scanning in Azure DevOps Repos

Until recently, application security testing was cumbersome and time-consuming. Now, enterprises using Azure DevOps Repos can add automated application security testing directly to the repo. This DevSecOps approach combines convenience for developers along with features that security professionals want such as centralized deployment, management and policy enforcement. If your organization uses Azure DevOps, attend this...