Welcome To Mend Resource Center

Read about application security, DevSecOps, open source license compliance and audit

Choose Your Type

Choose Your Topic

Our Latest Content

Plan and Protect: A Modern Plan for Open-Source Security

In today’s digital world, open-source software is vital to modern application development. And as we know, what’s important to the business world is important to threat actors. But how can companies successfully combat the rising tide of vulnerabilities? Join experts from WhiteSource and Microsoft as they discuss the value of blending proactive practices to code...

AWS Targeted by a Package Backfill Attack

On April 28 and April 30, respectively, Mend Diffend identified, blocked, and reported two packages we deemed were malicious versions of original Amazon Web Services (AWS) packages. Whitesource security experts have reached out to contacts at Amazon to notify them of our findings.  This discovery may point to a new takeover method that targets packages...

How SAST and SCA together make your security stronger?

Risks from application vulnerabilities have multiplied as more applications get developed. To address this issue, Static Application Security Testing (SAST) identifies security vulnerabilities in the custom code written by application developers. Simultaneously, Software Composition Analysis (SCA) safeguards the open-source components that comprise between 60% and 80% of the codebase in modern applications. Join Susan St.Clair,...