%term

The latest News and Information on Application Security including monitoring, testing, and open source.

AWS and Mend.io Webinar: Five Principles of Modern Application Security Programs

Sep 20, 2023 By Mend In Mend

Organizations of all kinds are experiencing increasing volumes, frequency, and severity of cyberattacks. 71% of IT and security leaders say that their portfolio of applications has become more vulnerable in the last year alone, and cybercrime is expected to cost companies worldwide around $10.5 trillion annually by 2025. To fight this trend, organizations need a resilient AppSec strategy that can reinforce trust, reliability, and security when faced with adverse conditions.

View Video

Mend

Read more about AWS and Mend.io Webinar: Five Principles of Modern Application Security Programs

How Supply Chain Attacks Work - And What You Can Do to Stop Them

Sep 20, 2023 By Mend In Mend

Supply chain attacks made headlines in 2022, sending shockwaves through the industry as security and business leaders scrambled to reexamine the security of their own supply chains. In this webinar, experts talk through the stages of a supply chain attack and the different types of attacks to look for. You will also learn what tools and strategies you can start using immediately to assess your own supply chain security and put defenses in place to keep your supply chain protected.

View Video

Mend

Read more about How Supply Chain Attacks Work - And What You Can Do to Stop Them

The CISO's Guide to AppSec Innovation

Sep 20, 2023 By Mend In Mend

Threat actors operate by an ironclad rule: If it’s important to businesses, it’s important to them. And they certainly understand the crucial business role of applications. Applications are now the number one attack vector, while software supply chain attacks increased 650 percent in a year. Clearly, if you don’t already have a modern application security program that can support today’s digital world, you need to build one.

View Video

Mend

Read more about The CISO's Guide to AppSec Innovation

Securing the Software Supply Chain: Key Findings From the Mend Open Source Risk Report

Sep 20, 2023 By Mend In Mend

Open source vulnerabilities are in permanent growth mode. A significant quarterly increase in the number of malicious packages published in registries such as npm and rubygems have shown the increasing need to protect against this trending attack. At the same time, companies struggle to close the remediation gap on known vulnerable open source code. It’s all in The Mend Open Source Risk Report, which details these and other significant risks posed by the ongoing rise in open source vulnerabilities and software supply chain attacks.

View Video

Mend

Read more about Securing the Software Supply Chain: Key Findings From the Mend Open Source Risk Report

Operationalizing DevSecOps Roundtable

Sep 20, 2023 By Mend In Mend

DevSecOps best practices are increasingly being adopted to better secure software supply chains. The challenge, though, is finding ways to operationalize these processes so they’re seamless and development and deployment don’t slow down. Join Shiri Arad Ivtsan, Senior Director of Product Management – Mend.io, in this editorial roundtable as these experts explore the challenges DevOps teams and developers face in operationalizing security into their workflows and processes, what’s taking so long to do so and how AI and automation can help.

View Video

Mend

Read more about Operationalizing DevSecOps Roundtable

Release with Trust or Die. Key swampUP 2023 Announcements

Sep 14, 2023 By Yoav Landman In JFrog

Every year, JFrog brings the DevOps community and some of the world’s leading corporations together for the annual swampUP conference, aimed at providing real solutions to developers and development teams in practical ways to prepare us all for what’s coming next.

Read Post

JFrog

Read more about Release with Trust or Die. Key swampUP 2023 Announcements

Container Security Fundamentals - Linux Capabilities (Part 1)

Sep 11, 2023 By Datadog In Datadog

In this video we're looking at how Linux capabilities can be used by general programs and containers to provide only specific rights they need instead of providing "root" privileges. To learn more, read our blog on Datadog’s Security Labs site.

View Video

Datadog

Read more about Container Security Fundamentals - Linux Capabilities (Part 1)

7 AppSec tips from Snowflake's Director of Product Security

Aug 31, 2023 By Brian Piper In Snyk

At this year’s AWS re:Invent, Mic McCully, Field CTO at Snyk, spoke with Jacob Salassi, Director of Product Security at Snowflake. They discussed what it looked like for Snowflake to overcome various security challenges with the right combination of processes, company culture shifts, and tool partners (including Snyk!). Read on to learn about the practices Jacob and his team established to create a successful application security program.

Read Post

Snyk

Read more about 7 AppSec tips from Snowflake's Director of Product Security

Malicious Packages Special Report Overview

Aug 24, 2023 By Mend In Mend

Malicious Packages: A Growing Threat to the Software Supply Chain The global economy runs on software applications, and their function and security are critical to every company’s success. Many applications have exploitable vulnerabilities that modern defenders struggle to effectively detect and remediate. In addition to the growing number of vulnerabilities, today’s security teams face the emerging challenge of malicious packages.

View Video

Mend

Read more about Malicious Packages Special Report Overview

Five Key Application Security Best Practices and Benefits for Maintaining Up-to-Date Dependencies

Aug 22, 2023 By Rhys Arkins In Mend

We’re using more code, software components, and dependencies than ever before, making security breaches an ever-growing threat. It’s easy for developers and DevOps teams to neglect dependency updates when faced with such high volume, but doing so allows applications to fall behind the latest versions if not properly managed. This typically leaves applications using outdated dependencies, which exposes them to ever-increasing security debt and risk.

Read Post