We are excited to announce the inaugural edition of the Mend.io Open-Source Reliability Leaderboard! Powered by data from Renovate, the wildly popular open-source dependency management tool, the Leaderboard presents the top packages in terms of reliability across three of the most widely used languages.

This is the second article in our Application Security 101 mini-series. Read our first blog on how to configure HTTP response headers with security best practices. This time we’re going to discuss another misconfiguration that we often find during website penetration testing. This is not necessarily a ‘vulnerability’, however information disclosure via HTTP response headers can provide exact version information of the web server or web technologies in use on the underlying host.

In an ever-evolving threat landscape, safeguarding the integrity of applications is a real concern. The consequences of a single security breach can be devastating, leading to data links, financial losses, and irreparable damage to a company’s reputation. Organizations across industries must equip themselves with reasonable defense mechanisms to fortify their applications against malicious actors.

Mend.io CEO Rami Sass, Jeff Martin, VP of product management, and CMO Arabella Hallawell recently sat down for a panel discussion on AppSec today. In this second of a two-part series, they get tactical, as they discuss seven best practices for building modern AppSec programs.

At Mend.io, we’re always looking for ways to help organizations understand their application security risk. This week, we’re proud to announce a new initiative designed to make it easier than ever for organizations to visualize and remediate their biggest sources of risk: the Mend.io AppSec Risk Assessment Program.

In the rapidly evolving digital landscape, ensuring robust application security is paramount for organizations. With the emergence of AI-powered attacks and other sophisticated threats, it is crucial to integrate comprehensive Application Security Testing (AST) into the Software Development Lifecycle (SDLC).

In today’s digital landscape, the importance of application security cannot be overstated, as businesses worldwide face evolving cyber threats. Both defenders and attackers are now harnessing the power of Artificial Intelligence (AI) to their advantage. As AI-driven attacks become increasingly sophisticated, it is crucial for organizations to adopt a comprehensive approach to application security that effectively addresses this emerging threat landscape.

In today's digital landscape, ensuring the security of your applications is of paramount importance. AppSec, short for Application Security, involves safeguarding your software applications against potential threats and vulnerabilities. While implementing robust AppSec practices is crucial, effective leadership plays a vital role in setting up your business for AppSec success.

As we approach the second half of 2023, both security and development teams are seeing seismic shifts in the application security world. AI is powering a productivity revolution in development, enabling developers of all types (and even non-developers) to introduce code faster than ever. Meanwhile, it’s more difficult than ever for developers and AppSec professionals to identify and prioritize true risk to the business.

Security is an increasingly critical aspect of application development. As the volume of applications rapidly expands, so does the volume of source code, components, and dependencies used to create them. With them comes a growth in the potential attack surface and an escalation in the variety of threats to your application security.