Supply Chain Security

What are Malicious Packages? How Do They Work?

May 9th, 2023 Carol Hildebrand

Learn about malicious packages, how they work, and the growing threat they pose to software supply chains.

RSA Conference 2023: Takeaways From Our 5 Favorite Sessions

RSA Conference 2023: Key Takeaways From Our Five Favorite Sessions

May 2nd, 2023 Carol Hildebrand

RSA 2023 takeaways, including sessions on supply chain security, translating security for the board, & the psychology of DevSecOps.

The Five Key Principles of Modern Application Security

March 14th, 2023 Angelika Skrobot

Discover the key principles of modern application security. Learn how to secure your software and protect against evolving threats.

Just Who Exactly Should Take Responsibility for Application Security?

March 2nd, 2023 Carol Hildebrand

Explore the complexities of application security responsibility in the age of DevSecOps and supply chain breaches. Who should take the lead?

Securing the Software Supply Chain: Key Findings from the Mend Open Source Risk Report

February 28th, 2023 Adam Murray

Discover key findings from the Mend Open Source Risk Report on securing the software supply chain. Watch the webinar for more insights.

Yandex Data Leak Triggers Malicious Package Publication

January 30th, 2023 Lisa Haas

Discover how the Yandex data leak triggered malicious package publication, leading to supply chain security risks.

Malicious Code Deletes Directories If You Do Not Have a License

January 10th, 2023 Angelika Skrobot

Discover how malicious code can delete directories if you don’t have a license. Learn about supply chain security and license compliance.

Mend’s Trends for 2023

January 6th, 2023 Carol Hildebrand

Stay ahead of cyber threats with Mend’s Trends for 2023. Experts predict a rise in AI-driven cybercrime and open source vulnerabilities.

Introducing the Mend Open Source Risk Report

December 15th, 2022 Carol Hildebrand

Discover the latest insights on open source risk management in the Mend Open Source Risk Report.

A Guide To Securely Managing Your Devops Workflow

DevSecOps: A Comprehensive Guide to Securely Managing Your DevOps Workflow

November 4th, 2022 Adam Murray

Get to know all about DevSecOps and the main tools and practices that organizations should adopt in order to implement a DevSecOps pipeline.

Top Three User Priorities for Software Composition Analysis

November 2nd, 2022 Adam Murray

Discover the top three user priorities for Software Composition Analysis including application security, DevSecOps, and license compliance.

Advisory: New OpenSSL Critical Security Vulnerability

October 31st, 2022 Carol Hildebrand

Learn about the new OpenSSL critical security vulnerabilities CVE-2022-3786 and CVE-2022-3602. Discover their impact, and protect your systems.

Six Golden Rules for Software and Application Security

October 4th, 2022 Adam Murray

Learn the six golden rules for software and application security.. Stay safe during Cybersecurity Awareness Month 2022!

PSingle Author Uploaded 168 Packages To NPM

Cybercriminals targeted users of packages with a total of 1.5 billion weekly downloads on npm

October 2nd, 2022 Lisa Haas

Stay informed about the latest supply chain security incident targeting npm users. Learn about the malicious packages and more.

Popular Cryptocurrency Exchange dYdX Has Had Its NPM Account Hacked

September 23rd, 2022 Angelika Skrobot

dYdX, a popular cryptocurrency exchange, had its NPM account hacked in a supply chain attack. Learn how to protect against similar attacks.

Mend API Helps Make SBOMs Simple

August 10th, 2022 Adam Murray

Learn how Mend API simplifies the creation of SBOMs for better supply chain security. Stay ahead in DevSecOps with our automated tool.

MEND PLATFORM

Expand AppSec Coverage

Featured

From Reactive to Effective: Building Application Security that Works

Enhance Supply Chain Security with Proactive SBOM Management