3 Critical Best Practices of Software Supply Chain Security:
Understand how software supply chains work in large enterprises, discover the most important elements of software supply chain management, and how Mend can address them.
Choose Your Type
Choose Your Topic
Our Latest Content
3 New GitHub Features to Reinforce Your Code, Repo, and Dependency Security
Discover three great new GitHub features to strengthen your security and learn why dependency security is vital to safeguarding your code and data.
A Weaponized npm Package ‘@core-pas/cyb-core’ Proclaimed Pentesting Related
On June 6th, 2022, the Mend research team detected and flagged a malicious dependency confusion attack in npm exfiltrating Windows SAM and SYSTEM files.
RSA 2022–What a Week!
After two years of virtual events, the Mend team was beyond excited to gather in San Francisco’s Moscone Center and connect with the tech community face to face. This year’s theme was ‘transformation,’ which couldn’t be more appropriate for us as we unveiled our new company name and integrated application security platform with automated remediation...
Cloud Security Architecture: A Practical Guide
Learn about the importance of a cloud security architecture, the main risks you should consider when building it, and key principles to guide your work.
Introducing Mend Supply Chain Defender Integration with JFrog Artifactory
Mend announces integration of Supply Chain Defender (formerly Diffend) with JFrog Artifactory Plug-In.
The Era of Automated SAST has Begun
Introducing the Mend Application Security Platform, which offers automated remediation for both open source and custom code.
Mend Epitomizes RSA 2022 Theme, “Transform”
Learn how Mend is bringing RSA 2022’s “transform” theme to life with its own transformation, what that means for customers, and what we’re anticipating from the conference.
From WhiteSource to Mend—A Rebrand Journey
When it comes to rebranding, it’s not about the destination, it’s about the journey How important is a company name, really? Turns out that it is pretty important, especially if the name you currently have does not represent what the company has become, or where it is going. Our name is what defines the vision,...
WhiteSource is Now Mend: You Code, We Cure
Volunteer delegation and charitable donations made to assist and aid those fleeing the crisis in the Ukraine
Vulnerability Remediation: A Practical Guide
Understand the difference between vulnerability remediation and mitigation. Discover tools and an organizational process that can help you remediate vulnerabilities.
Impact Analysis: CVE-2022-29218, Allows Unauthorized Takeover of New Gem Versions via Cache Poisoning
WhiteSource security analyzed the possible impact of a newly discovered RubyGems vulnerability that uses cache poisoning to implement an unauthorized takeover of new gem versions.