Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mend

mend

Securing AI vs AI Security: What Are We Talking About?

Feb 20, 2025 By Sarah Moglia In Mend
Lately, it seems like the only thing anyone is talking about in the technology sector is Artificial Intelligence. With good reason! AI is an incredibly powerful tool that is only going to grow in usage and scope. However, there seems to be a lot of confusion around various terms involving AI and security. The focus of this blog will be breaking down the differences between securing AI, secure AI use, AI for security, and AI safety.
Read Post
mend

2025 OWASP Top 10 for LLM Applications: A Quick Guide

Feb 6, 2025 By Aurora Starita In Mend
Published first as a whitepaper in late 2024, the 2025 OWASP Top 10 for LLM Applications is yet another monumental effort from OWASP made possible by a large number of experts in the fields of AI, cybersecurity, cloud technology, and beyond—including Mend.io Head of AI Bar-El Tayouri. LLMs are still new to the market but beginning to mature, and the OWASP Top 10 for LLM Applications is maturing alongside it.
Read Post
mend

Fake VS Code Extension on npm Spreads Multi-Stage Malware

Feb 6, 2025 By Tom Abai In Mend
In a recent discovery, our research team uncovered a fake VS-code extension—truffelvscode—typosquatting the popular truffle for VS-code extension. This extension serves as a trojan horse for multi-stage malware. This blog takes a closer look at how the malicious extension operates, its obfuscation techniques, and IOCs related to this incident.
Read Post

The Truth Behind Successful Security Operations Centers (SOC)

Feb 4, 2025 By Mend In Mend
In this eye-opening episode, Reanna Schultz, an experienced Security Operations Center (SOC) team leader, pulls back the curtain on what makes a modern SOC truly effective. Drawing from her six-year journey through various cybersecurity roles, she reveals how SOCs serve as an organization's first line of defense against cyber threats.
View Video
mend

AI-Powered Remediation: Mend SAST Performs +46% Better Than Competitors

Jan 28, 2025 By Aurora Starita In Mend
Security teams face limited resources and a growing attack surface while developers struggle with security responsibilities that feel burdensome, annoying, or seem to conflict with their first priorities. AppSec teams turn to static application security testing (SAST) tools to identify vulnerabilities in first-party code early in the software development lifecycle while developers can still fix issues before the code is old and forgotten about.
Read Post
mend

Mend.io and JetBrains Partner to Bring Enhanced Code Security to Developers

Jan 21, 2025 By Mend.io Communications In Mend
At Mend.io, we’re passionate about code security. That’s why we’re thrilled to announce a strategic partnership with JetBrains that integrates Mend.io’s robust security solutions directly into JetBrains IDEs and Qodana environments. With the help of Mend.io, JetBrains users will now have access to robust Software Composition Analysis (SCA) and malicious package detection.
Read Post

Building Trust in Cybersecurity: Insights from Veteran CISO Rob Wood

Jan 21, 2025 By Mend In Mend
Trust is the invisible currency of business, and it's built in drops but lost in buckets. As security professionals, we often focus on competence - having the right controls, frameworks, and processes in place. But competence alone isn't enough when things go wrong. When a security incident happens, your customers' trust in you hangs in the balance. They're scared, frustrated, and looking for leadership. This is where benevolence and integrity become crucial.
View Video

How Ping Identity Automated Security: From Manual Scans to 15min Results | Customer Success Story

Jan 20, 2025 By Mend In Mend
Join Bruno Lavit, Risk Manager at Ping Identity, as he shares how they transformed their application security process using Mend IO. Learn how Ping Identity went from time-consuming manual security scans to fully automated CI/CD pipeline integration, reducing scanning time from weeks to minutes. Ping Identity improved their security posture while accelerating software development. Perfect for AppSec managers, CSOs, and risk managers looking to enhance their security automation.
View Video
mend

Mend Renovate Enterprise Cloud: Dependency Updates at Scale

Jan 15, 2025 By Mend.io Communications In Mend
If there’s one thing development and security teams can agree on, it’s that updating dependencies is a worthwhile endeavor. Keeping open-source dependencies up to date reduces bugs—both now and in the long run. And whether those bugs are security vulnerabilities or functional issues, everyone is happy to see them go.
Read Post

Yahoo's AppSec Journey: Scaling Security with Mend.io

Jan 14, 2025 By Mend In Mend
Join Chris Madden, Distinguished Technical Security Engineer at Yahoo, as he shares how Yahoo scaled its application security program with Mend.io. In this insightful video, Chris details the challenges Yahoo faced in managing open source security and compliance risks, and how Mend.io's AppSec platform helped them: Discover how Mend.io enabled Yahoo to address critical vulnerabilities like Log4Shell, codify security policies, and achieve quantifiable benefits across their organization. If you're looking to improve your AppSec posture, especially at enterprise scale, this video is a must-watch!
View Video

Copyright © 2024 OpsMatters™. All rights reserved.