Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Today, we’re thrilled to announce Mend Forge, our new AI native innovation engine and your window into what’s next in application security. At Mend.io, we believe that security innovation shouldn’t happen in a black box. The security landscape is shifting fast, driven by the explosive growth of AI generated code, AI powered applications, and rapidly evolving software supply chains.

Our DevOps environment moves fast. Cloud instances spin up and down. Containers launch and retire. New APIs appear without warning. Trying to track it all with scripts, spreadsheets, and one-off scans meant I often missed things. A TLS certificate would slip through. An open port would go unnoticed. I’d spend hours chasing down who owned an asset.

Everyone talks about it, now one knows how others do it. Until now. Read on…

Every pipeline shift introduces a new blind spot. SAST catches coding flaws, and SCA catches dependency risks; however, as delivery moves to CI/CD, new risks have emerged, not in the code itself, but in how it is executed. From broken access controls and authentication drift to logic flaws behind feature flags, these threats show up in production. Continuous DAST in CI/CD pipelines isn’t just “another layer” but a runtime check that’s most likely to catch what gets exploited.

As generative AI tools like ChatGPT, Claude, and others become increasingly integrated into enterprise workflows, a new security imperative has emerged: system prompt hardening. A system prompt is a set of instructions given to an AI model that defines its role, behavior, tone, and constraints for a session. It sets the foundation for how the model responds to user input and remains active throughout the conversation.