Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Build Trust Now: Transparent Dialogue for a Trustworthy Organization #trust #cybersecurity

May 7, 2025 By Mend In Mend
Building trust shouldn't start when there's already a problem. Learn how to proactively create transparent, trust-first conversations with customers—and why trust must be engineered into your security programs from the start. Building trust isn't reactive—it’s proactive. Discover how to open transparent conversations before issues arise, why trust must be built into every layer of your security program, and how to communicate that trust effectively during the sales process.
View Video
mend

Dynamic Application Security Testing: DAST Basics

May 5, 2025 By Mend.io Communications In Mend
DAST is a security tool that attempts to penetrate an application from the outside by checking its exposed interfaces for vulnerabilities and flaws. Sometimes called a web application vulnerability scanner, it is a type of black-box security test. It looks for security vulnerabilities by simulating external attacks on an application while the application is running.
Read Post
mend

Introducing Mend's Integration with Microsoft Defender for Cloud

Apr 29, 2025 By Mend.io Communications In Mend
We’re excited to announce a powerful new integration between Mend.io and Microsoft Defender for Cloud (MDC)—a step forward in our mission to bring intelligent, actionable, and context-rich open source security directly into the cloud security workflow. As organizations embrace cloud-native architectures, security teams face the growing challenge of identifying and prioritizing the open source software risks that truly matter.
Read Post

Securing AI Isn't Just About Your Pipeline #AIsecurity #DevSecOps #AppSec #redteaming

Apr 28, 2025 By Mend In Mend
Building AI apps securely is not just about plugging tools into your dev pipeline. It’s about knowing what to do with those tools after they give you results. What risks matter? What policies should you apply? And when is the right time to integrate AI security into your CI/CD? Bar-El Tayouri sits down with Ashish Rajan from The Cloud Security Podcast to discuss why red teaming and scanning aren’t enough and how getting comfortable with AI security before production pays off long-term.
View Video
mend

Mend.io & HeroDevs Partnership: Eliminate Risks in Deprecated Package

Apr 22, 2025 By Sarah Moglia In Mend
The increasing reliance on open-source software coupled with the accelerated pace of software development has created a growing need for support of deprecated packages. The significant majority of open-source software packages are not actively maintained, meaning vulnerabilities are not patched, thereby leaving systems open to attack. Malicious actors often target deprecated open-source packages for this very reason.
Read Post
mend

Vector and Embedding Weaknesses in AI Systems

Apr 16, 2025 By Bar-El Tayouri In Mend
AI security threats are evolving at roughly the same speed that AI itself is: extremely fast. One of the most recent—and least understood—vulnerabilities involves vector and embedding weaknesses. These issues have gained attention with their addition to the OWASP Top 10 for LLMs, and the risks are becoming more urgent as Retrieval-Augmented Generation (RAG) continues to dominate enterprise AI adoption.
Read Post
mend

MITRE CVE Program Uncertainty: Mend.io's commitment to uninterrupted vulnerability protection

Apr 16, 2025 By Mend.io Communications In Mend
As many of you may know, MITRE’s DHS contract to manage the CVE and CWE programs expired on April 16, 2025. While emergency funding has since been restored for a short time, the long-term future of these programs still remains uncertain. Understandably, this situation has raised concerns throughout the cybersecurity community about the stability and continuity of vulnerability tracking and management systems that many organizations have come to rely upon.
Read Post

Securing AI: How Mend.io & OWASP Are Making AI Safer for Enterprises #securitymanagement #shorts

Mar 29, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

Fixing AppSec's Data Problem: Context-Driven Security for Smarter Risk Management #short

Mar 29, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.