Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

What terrifies experts isn’t rogue AI - it’s humans trusting AI too soon, in the wrong places.

Join Jeson Taylor, Senior Cybersecurity Program Analyst, as he breaks down the key updates in NIST CSF 2.0 in this informative webinar. Gain valuable insights into what’s changed from NIST CSF 1.1 to 2.0, and what organizations need to know to stay aligned with the latest cybersecurity framework. This is the recording of our live webinar—perfect for anyone looking to understand the evolution of NIST CSF and how it impacts security programs moving forward.

ISO 27001 is the leading international standard for Information Security Management Systems (ISMS), designed to help organizations protect sensitive data and manage information security risks.

Union-based SQL injection is one of the oldest—and most dangerous—ways attackers steal sensitive data from your databases. By exploiting the UNION operator in SQL, they can merge malicious queries with legitimate ones and extract usernames, emails, passwords, and more. This video explains how the attack works, why it's still a threat, and what steps you can take to prevent it.

Most organizations have no idea how many APIs are running in their environment – and that's a significant security problem. In this essential discussion, A10's security experts Akhilesh Dhawan and Jamison Utter tackle one of cybersecurity's biggest blind spots: API compliance and protection. Unlike traditional applications, APIs operate without standardized functionality requirements, creating a regulatory nightmare. This lack of standards renders APIs nearly impossible to govern effectively, making API discovery a mission-critical security function. If you can't see it, you can't protect it.

Discover how CrowdStrike Falcon Adversary OverWatch with Next-Gen SIEM expands threat hunting across endpoints, identities, cloud, and third-party data to stop breaches quickly. By correlating subtle signals and enhancing them with world-class intelligence, OverWatch helps detect threats earlier and reduce alert fatigue. Gain 24/7 proactive threat hunting across your entire environment because breaches never wait.

Principal Engineer Kevin Guthrie walks us through his blog post, “Performance measurements… and the people who love them,” which explores how teams can better measure, visualize, and communicate web performance—beyond just raw metrics. Part of the “This Week in NET” show/podcast.

In this episode, host João Tomé is joined in Cloudflare’s Lisbon office by our Senior Research Engineer Thibault Meunier to explore a new proposal that could reshape how bots interact with the web in the age of AI. Timestamps: We go into Cloudflare’s proposal of using cryptographic signatures for bots, enabling websites to verify their identity. Why is this important? As AI systems rely increasingly on online content, this standard could help build a better relationship between content creators and AI platforms.

Malware and viruses are often used interchangeably, but they’re not the same! Watch this short video to learn the key differences between the two, how they work and how to protect yourself from them.