Optimizing AppSec by Enhancing Integration with Jira
Discover Mend.io's new enhancement to its Jira integration capabilities.
Read about application security, DevSecOps, license compliance, supply chain security, and malicious packages.
Mend.io has achieved Amazon Web Services (AWS) Security Competency status. This designation recognizes that Mend.io has demonstrated proven technology and deep expertise to help customers achieve cloud security goals and reinforces Mend.io’s position as a trusted member of the AWS Partner Network (APN).
A new malicious package named 'Vibranced' has been detected on the Node Package Manager (npm) repository and poses a significant threat to users who may unknowingly install it. The package has been carefully crafted to mimic the popular ‘colors’ package.
Malicious packages are a growing threat, and they may already have infiltrated your applications. Malicious package attacks spiked significantly from 2021 to 2022, further indication of their growing security risk to the open source ecosystem. Mend.io research observed a 315 percent spike in the publication of malicious packages to open source registries such as npm...
Research from Mend.io’s new Malicious Packages Special Report: Attacks Move Beyond Vulnerabilities illustrates the growing threat of malicious packages, including a 315 percent increase in attacks from 2021 to 2022.
Discover how vulnerabilities in healthcare tech can threaten lives, and how the U.S. FDA has been granted authority to improve the security of medical devices and apps.
What are the implications for application security of the EU’s new cybersecurity regulations?
Learn why you should scan applications in the repository to accelerate and improve your application security.
The International Transgender Day of Visibility celebrates transgender people, shines a light on the discrimination they face worldwide, and celebrates their contributions to society.
Discover how integrating AppSec into your repository, like Bitbucket Cloud, can improve and simplify your application security.
As a foundational element of the digital world, applications are increasingly targeted by threat actors. To adapt to the constantly evolving threat landscape of today’s digital world, IT and security leaders need to build a modern AppSec strategy designed to support demanding development cycles while also ensuring application security. Learn how to build your AppSec...
Mend celebrates ten trailblazing women in tech for Women’s History Month.
How does the shift to the Cloud affect application security?
How do fintech companies address the risks posed by vulnerabilities like Spring4Shell? Here’s how Mend tackled the issue for MSCI to speedily thwart any potential threats.
Discover the key considerations for building successful cloud security, according to a recent panel discussion attended by Mend’s Jack Marsal.
Learn the five key principles of modern application security and why they’re so vital.
Kubernetes security should be a primary concern and not an afterthought. Learn how to avoid risks by applying security best practices.
Mend celebrates International Women’s Day with insights from some of our talented women about building a career in technology.
Discover how financial services are embracing open source in this summary of the Fintech Open Source Foundation’s latest report.
New Biden Cybersecurity Strategy Assigns Responsibility to Tech Firms
Learn who should take responsibility for application security, according to Mend VP of Product Management Jeffrey Martin.
Learn about the key findings of Mend’s Open Source Risk Report, and how to secure your software supply chain.
Applications are now the number one attack vector and software supply chain attacks increased 650% in a year. Find out how to build a modern application security program.
Learn how CI/CD (continuous integration/continuous delivery) pushes frequent, incremental software updates & fixes regardless of size using automation tools.
Discover how you can build an effective modern application security program by increasing awareness and understanding in your organization.
Discover the essential features and best practices you should have in your license management tool.
Discover what you can do to protect your AppSec with a modern application security strategy.
Docker is a complicated beast, and there is no simple trick you can use to maintain Docker container security. We offer a set of best practices to help you.
What to look for in a modern open source license management tool, why and how to do so, and the challenges and future of open source license management.
This report identifies the extent to which the financial services industry is active in open source, creating a baseline of understanding of governance, leadership, consumption, contribution, culture, and overall open source aspiration. Further, the report highlights the obstacles and challenges to improving industry-wide collaboration and concludes with a set of actionable insights for improving the...
Open source vulnerabilities are in permanent growth mode. A significant quarterly increase in the number of malicious packages published in registries such as npm and RubyGems has shown the increasing need to protect against this trending attack. At the same time, companies struggle to close the remediation gap on known vulnerable open source code. It’s...
Threat actors operate by an ironclad rule: If it’s important to businesses, it’s important to them. And they certainly understand the crucial business role of applications. Applications are now the number one attack vector, while software supply chain attacks increased 650 percent in a year. Clearly, if you don’t already have a modern application security...
Learn how to build your open source security program.
Your Bitbucket Cloud repos are key to building best-in-breed applications and a great place to shift left for better open source security. With other software composition analysis (SCA) tools, keeping your repos safe can be a cumbersome process requiring frequent tool-switching. Now, you can integrate world-class open source security that automates remediation and reduces mean...
The final part of a series of three blogs on software and application security in banking and fintech.
Learn about the risks posed by leaked code and malicious packages at Russian tech giant Yandex.