Mend API Helps Make SBOMs Simple
Learn how Mend API simplifies the creation of SBOMs for better supply chain security. Stay ahead in DevSecOps with our automated tool.
Read about application security, DevSecOps, license compliance, and software supply chain security.
Learn how Mend API simplifies the creation of SBOMs for better supply chain security. Stay ahead in DevSecOps with our automated tool.
Discover how encrypted JSON files are being used to hide malicious code. Learn about the latest security findings and how to protect your apps.
Learn how attackers leverage example apps and reproduction scripts to target open source software maintainers.
Learn how to conquer Remote Code Execution (RCE) attacks in npm. Find out why npm is susceptible, the threats of RCE, and more.
Discover the truth about Application Testing with SAST. Learn about common myths, integration, and reducing false positives for security.
Learn how to reduce enterprise application security risks without disrupting deadlines. Join in a discussion on closing the gap.
A comprehensive guide to cloud-native applications, technology, and security. Learn about containers, microservices, CI/CD, and more.
Attacker floods npm with crypto-mining packages that mine Monero with default configuration. Learn about supply chain security and more.
Mend stands with employees after the U.S. Supreme Court abortion ruling, providing support for access to care for medical procedures.
Celebrate Pride 2022 with Mend as we support LGBTQ+ in tech. Hear from employees on their experiences and advice for the tech workplace.
Discover six key steps to achieve zero trust in application security. Learn how to protect your organization from cyberattacks.
Discover how a single author uploaded 168 malicious npm packages in a dependency confusion attack. Learn how Mend blocked these threats.
Learn about the 3 critical best practices of software supply chain security to protect your organization from malicious packages.
Learn about the latest GitHub features to enhance your code security and dependency management. Stay ahead of vulnerabilities.
Discover how a weaponized npm package was detected and removed, how it targeting sensitive information in Windows and UNIX systems.
Mend team recaps their week at RSA 2022 in San Francisco, discussing the importance of automating application security remediation and trends
Learn about Cloud Security Architecture. Understand the importance, core principles, and threats to secure your cloud environment effectively.
Discover how Mend Supply Chain Defender integrates with JFrog Artifactory to block malicious software threats in your code base.
Discover the Era of Automated SAST with Mend.io's Application Security Platform. Automated remediation, fast scanning, and language support.
Learn how Mend is bringing RSA 2022’s “transform” theme to life with its own transformation, what that means for customers, and what we’re anticipating from the conference.
From WhiteSource to Mend—A Rebrand Journey. Follow our evolution from open source to all code application security.
Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.
Practical guide to vulnerability remediation for developers & security teams. Learn how to detect, prioritize, fix, & monitor vulnerabilities.
Learn about the impact analysis of CVE-2022-29218, a vulnerability allowing unauthorized takeover of new Gem versions via cache poisoning.
Discover the latest typosquatting attack on the npm package 'colors' using a cross-language technique.
Impact Analysis of RubyGems Critical CVE-2022-29176 Unauthorized Package Takeover. Learn about the vulnerability, impact assessment, and more
Discover the NIST Supply Chain Risk Management Program.. Learn how to manage cybersecurity risks in digital supply chains effectively.
Learn how to protect your open-source software with a modern security plan. Join the WhiteSource and Microsoft webinar.
Learn why vulnerability management must go beyond CVSS to priority scoring for better open source security and remediation prioritization.
Discover how AWS was targeted by a malicious package backfill attack, the methods used by attackers, and how to protect against such attacks.
Discover the top 5 vulnerability assessment scanning tools and learn how to prioritize and remediate vulnerabilities to secure your org.
Mend.io specializes in AppSec to protect orgs from cyber threats. Learn about their journey, products, and solutions to combat new threats.
Discover how threat actors are using hex encoding and delayed execution to deploy malicious packages. Learn how to protect your applications.
Learn how combining Static Application Security Testing (SAST) and Software Composition Analysis (SCA) strengthens your security.
Join Mend in supporting Ukrainian war refugees with volunteer efforts in Poland. Hear firsthand experiences from Mend team members.
Learn best practices for immediate remediation of the Spring4Shell vulnerability, including detection, and prioritization.