Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Securing AI Isn't Just About Your Pipeline #AIsecurity #DevSecOps #AppSec #redteaming

Apr 28, 2025 By Mend In Mend
Building AI apps securely is not just about plugging tools into your dev pipeline. It’s about knowing what to do with those tools after they give you results. What risks matter? What policies should you apply? And when is the right time to integrate AI security into your CI/CD? Bar-El Tayouri sits down with Ashish Rajan from The Cloud Security Podcast to discuss why red teaming and scanning aren’t enough and how getting comfortable with AI security before production pays off long-term.
View Video
mend

Mend.io & HeroDevs Partnership: Eliminate Risks in Deprecated Package

Apr 22, 2025 By Sarah Moglia In Mend
The increasing reliance on open-source software coupled with the accelerated pace of software development has created a growing need for support of deprecated packages. The significant majority of open-source software packages are not actively maintained, meaning vulnerabilities are not patched, thereby leaving systems open to attack. Malicious actors often target deprecated open-source packages for this very reason.
Read Post
mend

Vector and Embedding Weaknesses in AI Systems

Apr 16, 2025 By Bar-El Tayouri In Mend
AI security threats are evolving at roughly the same speed that AI itself is: extremely fast. One of the most recent—and least understood—vulnerabilities involves vector and embedding weaknesses. These issues have gained attention with their addition to the OWASP Top 10 for LLMs, and the risks are becoming more urgent as Retrieval-Augmented Generation (RAG) continues to dominate enterprise AI adoption.
Read Post
mend

MITRE CVE Program Uncertainty: Mend.io's commitment to uninterrupted vulnerability protection

Apr 16, 2025 By Mend.io Communications In Mend
As many of you may know, MITRE’s DHS contract to manage the CVE and CWE programs expired on April 16, 2025. While emergency funding has since been restored for a short time, the long-term future of these programs still remains uncertain. Understandably, this situation has raised concerns throughout the cybersecurity community about the stability and continuity of vulnerability tracking and management systems that many organizations have come to rely upon.
Read Post

Securing AI: How Mend.io & OWASP Are Making AI Safer for Enterprises #securitymanagement #shorts

Mar 29, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

Fixing AppSec's Data Problem: Context-Driven Security for Smarter Risk Management #short

Mar 29, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

Keeping Your Code Secure With Latest Software Updates #appsec #short #coding

Mar 28, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video

Understanding CVE Scores: How #SoftwareVulnerabilities Are Rated & Reported #short #cybersecurity

Mar 28, 2025 By Mend In Mend
Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.
View Video
mend

Introducing the Mend.io Value Dashboard: Measure and Showcase Your Security Impact

Mar 26, 2025 By Mend.io Communications In Mend
Security teams today face increasing pressure to quantify the effectiveness of their application security programs. Whether it’s justifying security investments to leadership or demonstrating compliance with regulations like PCI DSS, HIPAA, and GDPR, teams struggle to showcase the real impact of their security efforts. Without clear, actionable data, proving that an AppSec program is actively reducing risk becomes a challenge. That changes today.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.