%term

Catch Bugs Early: Dynamic Scanning & the Cake Analogy Explained #cybersec

Sep 5, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Catch Bugs Early: Dynamic Scanning & the Cake Analogy Explained #cybersec

Speedrun Incident Investigations Across GitHub, AWS, Okta, and More

Sep 5, 2025 By Jack Pitts In Teleport

Security teams spend hours stitching together logs from disconnected systems during investigations. Learn how to get clarity in minutes by tracing identity signals across everything in your stack.

Read Post

Teleport

Read more about Speedrun Incident Investigations Across GitHub, AWS, Okta, and More

The GhostAction Supply Chain Attack: Compromised GitHub Workflows And Stolen Secrets

Sep 5, 2025 By GitGuardian In GitGuardian

GitGuardian has uncovered GhostAction, a massive supply chain attack targeting 327 GitHub users and 817 repositories. Attackers injected malicious workflows that exfiltrated over 3,325 secrets, including npm, PyPI, and DockerHub tokens. Watch as GitGuardian's Senior Cybersecurity Researcher, Guillaume Valadon breaks down how this campaign unfolded, what was stolen, and what developers need to know to stay safe.

View Video

GitGuardian

Read more about The GhostAction Supply Chain Attack: Compromised GitHub Workflows And Stolen Secrets

Snyk MCP Found Security Flaws INSTANTLY with Gemini...

Sep 5, 2025 By Snyk In Snyk

Snyk MCP Found Security Flaws INSTANTLY with Gemini...

View Video

Snyk

Read more about Snyk MCP Found Security Flaws INSTANTLY with Gemini...

How to Identify your Configuration Settings File

Sep 4, 2025 By Snyk In Snyk

How to Identify your Configuration Settings File.

View Video

Snyk

Read more about How to Identify your Configuration Settings File

Why AI Security Tools Are Different and 9 Tools to Know in 2025

Sep 4, 2025 By Mend.io Team In Mend

As companies embed AI models into their applications, they face risks that traditional security tools weren’t designed to catch, such as prompt injection, data leakage, model poisoning, and shadow AI. Addressing these threats requires a new class of security tools built specifically for AI specific risk.

Read Post

Mend

Read more about Why AI Security Tools Are Different and 9 Tools to Know in 2025

Data Rejection and API Best Practice #cybersecurity

Sep 4, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Data Rejection and API Best Practice #cybersecurity

Why We Built CertKit

Sep 3, 2025 By Todd H. Gardner In CertKit

SSL Certificates have always been a pain in the butt. From the magical OpenSSL incantations to generate a CSR to the various formats that each webserver requires. Remembering what hardware needs which certificates. Managing scheduled renewals and runbooks for which file goes where. Screw anything up and your site is “Not Secure”. And now Apple wants us to do it every 47 days. Remember when we had HTTP-only websites? Or when certificates lasted three years? Then one?

Read Post

CertKit

Read more about Why We Built CertKit

FFIEC Sunsets The Cybersecurity Assessment Tool (CAT)

Sep 2, 2025 By Jonny Gold In CalCom

The Federal Financial Institutions Examination Council (FFIEC) retired its Cybersecurity Assessment Tool (CAT) on August 31, 2025. This self-assessment resource, used by financial institutions to gauge cybersecurity risk and readiness, won’t be updated going forward. The FFIEC launched CAT in 2015 to help organizations measure their exposure to risk and assess their cyber preparedness.

Read Post

CalCom

Read more about FFIEC Sunsets The Cybersecurity Assessment Tool (CAT)

WTF are MCP servers and why do we need them

Sep 2, 2025 By Ben Hirschberg In ARMO

These days it seems everyone is obsessed with MCP servers, me included. After studying the topic and building a few MCP servers myself, I have decided to share the knowledge I have gained with a series of blogs on MCP servers and their security implications.

Read Post

ARMO

Read more about WTF are MCP servers and why do we need them

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Catch Bugs Early: Dynamic Scanning & the Cake Analogy Explained #cybersec

Speedrun Incident Investigations Across GitHub, AWS, Okta, and More

The GhostAction Supply Chain Attack: Compromised GitHub Workflows And Stolen Secrets

Snyk MCP Found Security Flaws INSTANTLY with Gemini...

How to Identify your Configuration Settings File

Why AI Security Tools Are Different and 9 Tools to Know in 2025

Data Rejection and API Best Practice #cybersecurity

Why We Built CertKit

FFIEC Sunsets The Cybersecurity Assessment Tool (CAT)

WTF are MCP servers and why do we need them

Monthly Archive

Follow Us