Mend.io Launches AppSec Risk Assessment Program

At Mend.io, we’re always looking for ways to help organizations understand their application security risk. This week, we’re proud to announce a new initiative designed to make it easier than ever for organizations to visualize and remediate their biggest sources of risk: the Mend.io AppSec Risk Assessment Program.

The AppSec Risk Assessment Program pairs organizations with a Mend.io cybersecurity expert who will scan their applications, evaluate their risk, and provide prioritized remediation advice based on the most serious sources of risk present in their applications. 

Leveraging Mend.io’s SAST (static application security testing), SCA (software composition analysis), Supply Chain Defender, and Renovate technologies, the assessment has a holistic perspective that allows organizations to prioritize risks from multiple sources.

The Mend.io AppSec Risk Assessment Program can evaluate a range of risks, including:

  • Open-source vulnerabilities (CVEs), including critical vulnerabilities
  • Custom code weaknesses
  • Out-of-date dependencies, including components that are more than three versions out of date
  • Malicious packages—also known as open-source malware—an emerging area of risk with serious potential for exfiltration of confidential data
  • Open-source licensing issues that could present costly legal risks

During the assessment process, the cybersecurity expert from Mend.io will offer suggestions for prioritized remediation to quickly reduce risks in the application being assessed. After the assessment period is complete, organizations will receive a comprehensive overview of the risk assessment results, including remediation advice. 

The Mend.io Application Risk Assessment Program is available with no cost or obligation to qualifying organizations. 
