As the pace of application development accelerates, many companies face a growing challenge: how to reinforce security while keeping pace with the schedule of releases.

Mend Renovate is the industry leader in dependency management, downloaded more than a billion times — including by most of the top 10 tech giants — to help keep their applications safe and up to date. Its primary job is to scan your application software looking for external dependencies, and if newer versions are available, it will suggest code changes to upgrade you to the latest.

During Cybersecurity Awareness Month, we asked a panel of Mend.io’s finest minds what’s got their attention in the current cybersecurity landscape.

We’re delighted to announce that Mend.io has launched a new integration with Secure Code Warrior®, a platform that provides secure coding training and tools that help shift developer focus from vulnerability reaction to prevention.

The leaves are turning brilliant colors before they fall off and blow away here where I live just a few minutes outside of Salem, Massachusetts where autumn — Halloween specifically — is a very big deal. I’m not morbid but it’s a natural time to think about how things wind down and finally breathe their last breath. Nothing lasts forever. Not trees. Not animals. Not people. Not cars. Not houses. Not software. Especially not software.

New research from TechTarget’s Enterprise Strategy Group (ESG) has identified that organizations’ application security programs struggle to keep up with the pace of software development, and it reveals best practices to secure modern software applications.

October is officially Cybersecurity Awareness Month in the United States but September was a good month for it, too.

The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?

There are many ways to incur technical debt but the broadest reason it both exists and persists is that most applications are old and most software developers are working on new things. In an ideal world, agile organizations would have very little technical debt because they should always return to their code and improve it. But in the real world, the fast pace of continuous rollouts means agile organizations can be especially prone to collecting large amounts of technical debt.

October 2023 marks the 20th anniversary of Cybersecurity Awareness Month. The initiative is spearheaded by the U.S. National Cybersecurity Alliance (NCA) and the Cybersecurity and Infrastructure Agency (CISA). It is a collaboration between these U.S. government agencies and industry to raise awareness about cybersecurity, the risks we face from digital crime and cyberattacks, and how to protect ourselves from them. This year, the campaign promotes four key behaviors to strengthen cybersecurity.