Mend.io Webinars

Watch webinars about application security, DevSecOps, license compliance, supply chain security, and malicious packages.

Choose Your Type

Choose Your Topic

Our Latest Webinars

The CISO’s Guide to AppSec Innovation

Threat actors operate by an ironclad rule: If it’s important to businesses, it’s important to them. And they certainly understand the crucial business role of applications. Applications are now the number one attack vector, while software supply chain attacks increased 650 percent in a year. Clearly, if you don’t already have a modern application security...

More Security, Less Tool Switching: Mend SCA for Bitbucket Cloud

Your Bitbucket Cloud repos are key to building best-in-breed applications and a great place to shift left for better open source security. With other software composition analysis (SCA) tools, keeping your repos safe can be a cumbersome process requiring frequent tool-switching. Now, you can integrate world-class open source security that automates remediation and reduces mean...

Application Security Roundtable Discussion

Recent high-profile software supply chain breaches have sharpened the focus on application security. However, as cybersecurity professionals know all too well, concern doesn’t always equate to action. In theory, the rise of DevSecOps best practices that shift responsibility for application security further left should reduce, or outright eliminate, the vulnerabilities that now routinely make it...

AWS-Mend Fireside Chat: Building a Modern AppSec Program

The modern AppSec approach includes strategies and technologies that help teams prioritize. By giving them tools that efficiently identify security vulnerabilities that present the biggest risk, they can address them as quickly as possible. Learn how you can implement these strategies in a fireside chat with the experts from Amazon Web Services (AWS) and Mend....

The Need for Speed: Accelerated AppSec Scanning in Azure DevOps Repos

Until recently, application security testing was cumbersome and time-consuming. Now, enterprises using Azure DevOps Repos can add automated application security testing directly to the repo. This DevSecOps approach combines convenience for developers along with features that security professionals want such as centralized deployment, management and policy enforcement. If your organization uses Azure DevOps, attend this...

DevSecOps Roundtable Discussion

Attacks on software supply chains have greatly accelerated the rate at which organizations are now embracing DevSecOps best practices to secure both legacy monolithic and emerging cloud-native applications. Adopting a DevSecOps approach can help maintain the speed of application development and deployment while ensuring the security and stability of applications. But the range of technologies...

Software Security Challenges & Opportunities in Banking

The banking industry lives and dies by being fast, accurate, and completely dependable. It’s critical that you can detect, identify, and remediate software vulnerabilities as fast as possible, to reinforce application security most effectively. This is particularly vital with open source software that is increasingly prevalent in your sector, where its use continues to grow...

Building a Modern Application Security Strategy for an App-Run World

As a foundational element of the online world, applications are a top target for threat actors. However, traditional application security (AppSec) strategies often prove ineffective. To adapt and defend against our constantly evolving threat landscape, organizations need to build a modern AppSec strategy based on today’s digital world. Join Jeffrey Martin, VP of Outbound Product...

Why Software Composition Analysis is “Transformational” Technology

While software composition analysis (SCA) has been around for years, today’s analysts are enhancing their recommendation for enterprise development teams to use the technology. One example: at the recent Gartner Security and Risk Management Summit, Gartner analyst Dale Gardner said: “Managing open-source software is the easiest and most impactful thing you can do to improve...

Plan and Protect: A Modern Plan for Open-Source Security

In today’s digital world, open-source software is vital to modern application development. And as we know, what’s important to the business world is important to threat actors. But how can companies successfully combat the rising tide of vulnerabilities? Join experts from WhiteSource and Microsoft as they discuss the value of blending proactive practices to code...

How SAST and SCA together make your security stronger?

Risks from application vulnerabilities have multiplied as more applications get developed. To address this issue, Static Application Security Testing (SAST) identifies security vulnerabilities in the custom code written by application developers. Simultaneously, Software Composition Analysis (SCA) safeguards the open-source components that comprise between 60% and 80% of the codebase in modern applications. Join Susan St.Clair,...

How to Build a Threat Model for Kubernetes Systems

As Kubernetes adoption grows, its attack surface expands with it, allowing bad actors to find and exploit vulnerabilities in the cloud-native stack. In addition, the complexity of Kubernetes and the lack of proper security controls make the attacks targeting Kubernetes clusters and containers hosted in them a real risk for organizations. With the threat landscape...

SCA Your First Step Toward Supply Chain Security

Research shows that open source supply chain attacks are now the #2 most common attack vector. The breach of SolarWinds showed just how devastating a software supply chain attack can be. Protecting the software supply chain is a complex challenge that includes code signing, identity and access management, policy and software composition analysis (SCA).

Hidden Risks of Using Open Source Software

With each passing year, open source software use increases. But this trend does not come without a price. Modern software’s heavy reliance on open source components created space for exploitation by malicious actors. New threats are challenging to detect and to protect against. This session should arm you with knowledge about the risks and practical...

Addressing Security Debt with a Developer First approach webinar

As organizations struggle to keep the application layer secure, more security tasks are added to developers’ already heavy workloads. The result: alert fatigue, friction between security and development teams and, ultimately, higher risk as security debt continues to grow. Clearly, requiring developers to become instant security experts is not a viable option. What are the...

Managing Supply Chain Security Risks in the Enterprise

The sharp increase in attacks on organizations’ software supply chains requires policy makers to address supply chain risks with a more structured approach. President Biden’s Cybersecurity Executive Order #14028 and NTIA’s Software Component Transparency initiative aim to strengthen supply chain security through advanced visibility over organizations’ software bill of materials (SBOM). It’s crucial to formulate...

Reducing Open Source Security Risks in Apps & IoT Devices

Over the past years, attacks on the application layer have become more and more common. Recent research reports on reducing enterprise AppSec risks have found that the highest level of security risk is considered by many to be in the application layer. Applications remain a top cause of external breaches, and the prevalence of open...

Removing Technical and Security Debt with Dev – First AppSec tooling

As organizations AppSec tools and practices shift left in the DevOps pipeline, development teams are required to assume responsibility for security tasks. While this is an important step toward achieving DevSecOps maturity, integrating application security testing tools risks burying developers under a seemingly never-ending list of security alerts. How can organizations make sure that development...

Accelerating Innovation With Open Source and Agile Compliance in the Financial Sector

Open source adoption is increasing rapidly within the financial services industry. Thanks to cutting edge technologies, affordability, flexibility, and the power of the open source community – more and more financial institutions are encouraged to integrate open source components into their investment and more data processing systems. Meanwhile, the industry’s growing list of compliance initiatives...

Ataques Cibernéticos – Uma Perspectiva Open Source (Portuguese)

O volume de ataques maliciosos a sistemas continua aumentando ano após ano, com um número cada vez maior de hackers aproveitando o uso crescente do código aberto durante o desenvolvimento de software para distribuir pacotes maliciosos e explorar vulnerabilidades novas ou já conhecidas. Inscreva-se neste webinário onde vamos tratar de soluções para ajudar no desafio...

How Vonage Uses SCA to Automate Open Source Security & Compliance

With the growing adoption of SCA, a technology that provides both developer-focused tools and governance solutions, more companies place developers, IT, security, and legal on the same page. This is the case of global cloud communications provider Vonage, which needed a SCA solution that could integrate both open source security and license compliance checks automatically...

Achieving Automated Open Source Security with DevSecOps

Achieving Automated Open Source Security with DevSecOps DevSecOps sets out to relieve the costly and stressful delays that can occur when security testing is performed late in the game, by setting up processes and tools for “shifting left” so security testing can happen early and often. As organizations continue to embrace this DevSecOps approach, testing...

Shifting Priorities of Digital Native Security

Should a modern security strategy be based on the assumptions that source code will never be leaked, or that “internal” networks will never be breached? Join AWS, HackerOne and WhiteSource’s upcoming virtual roundtable discussion where our industry experts will discuss how the importance of security threats have changed as companies and products shift to a...

Open Source Risk Management in the Financial Sector

The days when financial institutions were hesitant to adopt open source software are over. Today, even the largest firms and banks in the financial sector have realized the massive benefits of using open source technology to build powerful, innovative applications at a reduced time-to-market. Join our live panel discussion led by industry leaders from Wells...

The Main Appsec for 2021

It’s no secret that 2020 was a difficult year. The pandemic and as a result, the lockdowns and quarantines sent tens of millions of global workers home, and the remote work caused a dramatic increase in the number of ransomware, phishing attacks, and accidental breaches by employees working at home. Despite the increases in these...

Selecting Technology Solution To Comply With OpenChain ISO Standard

OpenChain ISO/IEC 5230 is the International Standard for open source license compliance. Its relevance to modern software development is growing and it allows companies of all sizes and in all sectors to adopt the key requirements of a quality open source compliance program. The need to manage the software supply chain has never been more important given the ever-increasing dependence on third party...