%term

Mend.io

Jun 6, 2023 By Mend In Mend

Mend.io (formerly WhiteSource) is the leader in application security. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

View Video

Mend

Read more about Mend.io

Mend.io Announces Integration of Crowdsourced Renovate Data to Reduce Open Source Attack Surface Risk Up to 80 Percent

Jun 5, 2023 By Mend In Mend

Mend SCA now enables full automation of high-confidence open-source updates without 'breaking the build'.

Read Post

Mend

Read more about Mend.io Announces Integration of Crowdsourced Renovate Data to Reduce Open Source Attack Surface Risk Up to 80 Percent

What's Driving the Adoption of SBOMs? What's Next for Them?

Jun 1, 2023 By Jeff Martin In Mend

As the software bill of materials (SBOM) becomes ubiquitous for compliance and security purposes, what has previously been a nice-to-have option is fast becoming indispensable. If you want to do business with significant partners, such as public and federal organizations, and if you want to grow your business by floating your company or engaging in M&A activity, then you’re going to need SBOMs. This demand is driven by two key trends, one technical and the other legislative.

Read Post

Mend

Read more about What's Driving the Adoption of SBOMs? What's Next for Them?

The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name

May 31, 2023 By Tom Abai In Mend

One often-overlooked risk in the bustling ecosystem of open-source software are vulnerabilities introduced through software dependencies. We mention this because today, a malicious actor took over a RubyGems package name with more than two million downloads. Mend.io technology detected the package before it could be used for an attack, but the case of ‘gemnasium-gitlab-service‘ serves as an important reminder of the risk of neglecting dependency management.

Read Post

Mend

Read more about The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name

Mend.io + Jira Security: Doing DevSecOps Better Together

May 26, 2023 By Carol Hildebrand In Mend

We hear a lot about the urgency of transition from DevOps to DevSecOps, and with good reason. The ongoing rise in cyberattacks across the software supply chain, coupled with a shifting regulatory landscape, highlights the growing urgency of improving application security. But it’s one thing to recognize the importance of integrating security into the software development process, and another thing to actually succeed at doing so.

Read Post

Mend

Read more about Mend.io + Jira Security: Doing DevSecOps Better Together

Mend CLI - Container Image Scanning

May 24, 2023 By Mend In Mend

You can scan a container image with the Mend CLI to check for security vulnerabilities and secrets, and view them as a formatted table directly in the CLI or within the user interface. This video is an overview of how to use the Mend CLI to scan your container images using a pipeline.

View Video

Mend

Read more about Mend CLI - Container Image Scanning

Magic Quadrant for Application Security Testing, 2023 Gartner report

May 23, 2023 By Rami Sass In Mend

We’re proud to announce that Mend.io has been recognized as a Visionary in the 2023 Gartner Magic Quadrant for Application Security Testing (authors Mark Horvath, Dale Gardner, Manjunath Bhat, Angela Zhao, Ravisha Chugh); (May 17, 2023).

Read Post

Mend

Read more about Magic Quadrant for Application Security Testing, 2023 Gartner report

What You Should Know About Open Source License Compliance for M&A Activity

May 18, 2023 By Sam Quakenbush In Mend

Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use.

Read Post

Mend

Read more about What You Should Know About Open Source License Compliance for M&A Activity

Dependency Management: A Guide and 3 Tips to Keep You Sane

May 16, 2023 By Adam Murray In Mend

Managing dependencies is not for the faint of heart. For a single project, you may be able to keep up with dependencies on your own. For software codebases with hundreds of modules, however, even the most seasoned developer will quickly descend into dependency hell. Don’t worry: dependency hell has happened to the best of us! There are some things you can do to keep yourself sane and improve application security.

Read Post

Mend

Read more about Dependency Management: A Guide and 3 Tips to Keep You Sane

How to Create a CycloneDX SBOM Using Mend

May 15, 2023 By Mend In Mend

In this short video, we will demonstrate how to create an NTIA compliant Software Bill of Materials for applications that have been scanned using Mend in the CycloneDX format. ...

View Video

Mend

Read more about How to Create a CycloneDX SBOM Using Mend

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mend.io

Mend.io Announces Integration of Crowdsourced Renovate Data to Reduce Open Source Attack Surface Risk Up to 80 Percent

What's Driving the Adoption of SBOMs? What's Next for Them?

The Unseen Risks of Open Source Dependencies: The Case of an Abandoned Name

Mend.io + Jira Security: Doing DevSecOps Better Together

Mend CLI - Container Image Scanning

Magic Quadrant for Application Security Testing, 2023 Gartner report

What You Should Know About Open Source License Compliance for M&A Activity

Dependency Management: A Guide and 3 Tips to Keep You Sane

How to Create a CycloneDX SBOM Using Mend

Monthly Archive

Follow Us