Read about application security, DevSecOps, license compliance, and software supply chain security.
Part two of three blogs in a series that focuses on the challenges, opportunities and solutions for software and application security in banking and fintech.
Experts from Mend, FINOS, the Linux Foundation and Morgan Stanley discuss the challenges and opportunities of software and application security in banking and fintech. Part one of three.
Kubernetes is widely used but comes with security risks. Discover what these risks are, how they can be exploited, how to define and implement security for Kubernetes configurations, and how to protect Kubernetes applications.
Mend researchers identify a new type of malicious code that deletes directories.
Attacks targeting the software supply chain are on the rise. Learn why an SBOM is vital to Application Security and Compliance.
Our team detected an attack on npm packages that utilized typosquatting to compromise nearly 300 NPM packages.
Discover the top ten application security best practices to safeguard your applications and minimize the impact of vulnerabilities.
While detecting vulnerabilities is important, you also need to know the ones that pose the highest risk to your business. Learn why prioritizing vulnerabilities is vital to effective application security, the key considerations when prioritizing, and what an effective prioritization process looks like.
Updating software dependencies is vital to software and application security, but there are challenges. Learn the risks associated with updating dependencies, why they occur, and how you can address them.
Learn how you can implement modern AppSec strategies in a fireside chat with the experts from Amazon Web Services (AWS) and Mend.io.
If your organization uses Azure DevOps, attend this webinar to learn how easy it is to add application security testing to your repo.
Building a modern application security program requires a robust DevSecOps environment built on collaboration. For many companies, that means shifting away from IT silos towards a shared-responsibility mindset regarding security across the organization.
Cloud-native applications are at particular risk from vulnerabilities in their code. Discover why and how you should assess these risks in order to reinforce your security.
Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm: reverse remote shell as part of typosquatting attack on the popular ‘cors’ package, and an ATO attack on the “Just Eat” organization.
Mend SCA available as an action within new DevOps service, Amazon CodeCatalyst
Why is integrating dependency management into cloud services so important, how do you manage dependencies better, and what does Mend do with Amazon Web Services (AWS) to help you achieve this?
Mend’s new integration with Bitbucket Cloud brings smart, automated risk reduction to DevOps teams with ultra-fast rollouts and 100 percent adoption rates.
Learn why teams that pay attention to governance by using a CSIRP are more successful at combating the continued growth of cyberattacks.
Learn all about SAST - what it is, how it works, its strengths and weaknesses, how it can be improved and what to look for in SAST tools.
Discover what a good AppSec program should look like and the best practices to implement it, according to Ori Bach, EVP of Product at Mend, and Harry Mower, Director, AWS CodeSuite.
Discover why your DevOps platform should be complemented with a security solution, learn how to achieve this, and find out how Mend’s partnership with CloudBees delivers security that safeguards your code, software, and applications.
Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.