Watch webinars about application security, DevSecOps, license compliance and software supply chain security.
Learn how to apply security and risk reduction techniques at each stage of the SDLC. And, why automating risk reduction is the only way to reduce cloud-native application risk at an enterprise scale.
Learn practical steps to building a sustainable application and software supply chain security strategy that meets today’s business demands and those that may arise in the future.
Learn more about the need to identify open-source code and the license types being used. And, why you need to identify not just direct dependencies but also transitive dependencies.
Learn more about the growing threat of malicious packages in this webinar with Jeanette Sherman, Sr. Product Marketing Manager - Mend.io.
Join Shiri Arad Ivtsan, Senior Director of Product Management - Mend.io, in this editorial roundtable to explore the challenges DevOps teams and developers face in operationalizing security into their workflows and processes, and how AI and automation can help.
Join Jeff Martin, Vice President of Product Management - Mend.io to learn how software supply chain threats and increasing regulatory pressures make supply chain security a top priority for software organizations.
Join Sam Quackenbush, Sr. Director of Field Innovation & Strategy – Mend.io for this live panel roundtable to discuss some of the top cyberlaw and legal topics affecting software supply chain security.
Learn more about shrinking your security debt by reducing the attack surface early on and throughout development.
Join Rhys Arkins, Vice President of Product Management – Mend.io in this panel of application and software security experts as they discuss strategies for addressing the malicious packages threat vector.
Learn more about the risk of not evaluating open source in M&A, how companies can prepare to avoid legal risks of non-compliance, and the role of open source license compliance.
Join VP of Product Management, Jeff Martin and Principal Product Architect, Maciej Mensfeld as they dig into the findings from the Mend Malicious Packages Special Report.
Learn what DevOps can do to strengthen application security and the key principles of effective AppSec programs.
In this webinar, learn the stages of a software supply chain attack and the different types of attacks to look for.
Join Mend.io CEO Rami Sass, Jeff Martin, VP of product management, and CMO Arabella Hallawell for a panel discussion on the growing significance of AppSec, why traditional approaches fall short, and how to create a modern, effective AppSec program.
Join Jeff Martin, Vice President of Product Management at Mend.io, as he discusses key findings from the Open Source Risk Report.
Join Chris Lindsey, Senior Solutions Architect - Mend.io, to learn how to make an effective application security program that can support today’s digital world.
Learn how to integrate open source security that automates remediation and reduces mean time to recovery (MTTR) by 80% or more, while staying in the Bitbucket Cloud repositories that your teams know and love.
Join Jeff Martin, VP of Product at Mend.io in this application security roundtable discussion.
Learn how you can implement modern AppSec strategies in a fireside chat with the experts from Amazon Web Services (AWS) and Mend.io.
If your organization uses Azure DevOps, attend this webinar to learn how easy it is to add application security testing to your repo.
Join Jack Marsal, Sr Director of Product Marketing at Mend.io, in this DevSecOps roundtable discussion.
Learn about software security challenges & opportunities and how you can detect, identify, and remediate software vulnerabilities as fast as possible, to reinforce application security most effectively.
Join Jeffrey Martin, VP of Outbound Product Management at Mend, and guest speaker Janet Worthington, Senior Analyst at Forrester as they discuss the state of application security today in a constantly changing environment.
Attend this webinar to learn more about how software composition analysis (SCA) works and how recent advances have made SCA easier than ever to use.
Discover how you can use just one interface to find and fix open source and proprietary code security issues, and how to reduce the time it takes to fix issues, so no time is wasted researching.
In today’s digital world, open-source software is vital to modern application development. And as we know, what’s important to the business world is important to threat actors. But how can companies successfully combat the rising tide of vulnerabilities? Join experts from WhiteSource and Microsoft as they discuss the value of blending proactive practices to code...
Risks from application vulnerabilities have multiplied as more applications get developed. To address this issue, Static Application Security Testing (SAST) identifies security vulnerabilities in the custom code written by application developers. Simultaneously, Software Composition Analysis (SCA) safeguards the open-source components that comprise between 60% and 80% of the codebase in modern applications. Join Susan St.Clair,...
How prepared was your firm to handle the Log4j vulnerability that was announced in December 2021? The best firms were prepared and loaded for bear, and they completely mitigated and remediated their risk within hours of the announcement. What can you learn from their approach and how can you prepare for the next inevitable widespread...
Learn how the most popular JavaScript package manager, npm, is being used by malicious actors to launch attacks, run botnets and steal credentials and cryptocurrency. Attend this webinar to: Gain insight into the 1,300 malicious npm packages found by WhiteSource Diffend Learn how threat actors are using npms to launch attacks—and how to stop them...
Historically, if organizations wanted to automate and enforce application security testing, the best place to do that was within CI/CD pipelines. As time went on, we realized that while pipeline scanning has its place in securing applications, it doesn’t scale as more and more plugins are needed and with that, the task of managing them...
Join us to learn about typical time frames for NPM vulnerability detection and how to find the quickest and least painful path to remediation.
The announcement of Log4j vulnerability sent security and development teams into a tailspin — not once, but multiple times. Throughout it all, WhiteSource has been providing tools for discovery and automated remediation, and working closely with our customers. Join our experts to learn what has been going on, such as: What percentage of organizations were...
As Kubernetes adoption grows, its attack surface expands with it, allowing bad actors to find and exploit vulnerabilities in the cloud-native stack. In addition, the complexity of Kubernetes and the lack of proper security controls make the attacks targeting Kubernetes clusters and containers hosted in them a real risk for organizations. With the threat landscape...
When the zero-day vulnerability in Log4j was reported, most organizations immediately sprung into action. But anyone who’s dealt with a vulnerability this critical and ubiquitous in an enterprise organization knows it’s not an easy task. Even with the right tools and policies, mitigating this type of threat is always a challenge. In this webinar, our...
Research shows that open source supply chain attacks are now the #2 most common attack vector. The breach of SolarWinds showed just how devastating a software supply chain attack can be. Protecting the software supply chain is a complex challenge that includes code signing, identity and access management, policy and software composition analysis (SCA).
When you ask developers their thoughts on security, they’ll likely tell you security is slowing them down and getting in the way of their ‘actual’ job. But it doesn’t have to be that way; with the right tools and processes in place, the friction between developers and security teams can be reduced, if not eliminated...