First started as an open-source project in 2018, Mend Renovate automates open source dependency updates in software projects. Renovate has enabled a diverse user base across github.com and gitlab.com, reducing risk by mitigating security vulnerabilities and saving developers’ time. Renovate is now endorsed by OpenSSF and Google as the industry standard tool for dependency updates.
TFiR has produced its brand-new video show called Let’s See. This is the first time that TFiR has come up with a demo show where we will get to see how some of the technologies and products work.
Modern organizations are adopting a cloud-native approach to their application development. While this approach provides many benefits, it also makes organizations face several challenges, including the challenge of securing the application with a completely different approach. In this blog, we will discuss how software changes and how organizations should think about securing it.
‘Tis the season for a busy weekend of software supply chain attacks. Over the past three days, the Mend research team identified two separate attacks that published malicious packages to npm. Mend Supply Chain Defender quickly identified the malicious code; the owners were notified, and the packages were removed. That does not fully remove the risk, however. The first package has 9.5 million downloads, while account CI keys were compromised in the second, which can cause significant damage.
Just like shopping on Black Friday, AWS re:Invent has become a post-Thanksgiving tradition for some of us at Datadog. We were excited to join tens of thousands of fellow AWS users and partners for this annual gathering that features new product announcements, technical sessions, networking, and fun. This year, we saw three themes emerge from the conference announcements and sessions.
