Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.
Practical guide to vulnerability remediation for developers & security teams. Learn how to detect, prioritize, fix, & monitor vulnerabilities.
Discover the latest typosquatting attack on the npm package ‘colors’ using a cross-language technique.
Impact Analysis of RubyGems Critical CVE-2022-29176 Unauthorized Package Takeover. Learn about the vulnerability, impact assessment, and more
Discover the NIST Supply Chain Risk Management Program.. Learn how to manage cybersecurity risks in digital supply chains effectively.
Learn why vulnerability management must go beyond CVSS to priority scoring for better open source security and remediation prioritization.
Discover how AWS was targeted by a malicious package backfill attack, the methods used by attackers, and how to protect against such attacks.
Discover the top 5 vulnerability assessment scanning tools and learn how to prioritize and remediate vulnerabilities to secure your org.
Learn best practices for immediate remediation of the Spring4Shell vulnerability, including detection, and prioritization.
Learn about the Spring4Shell vulnerability (CVE-2022-22965), its potential impact, and how to prepare your Java applications.
Learn why automated software supply chain attacks are a growing threat. Discover how to protecting your org from malicious NPM packages.
Learn about the Spring4Shell Zero-Day Vulnerability CVE-2022-22965 with information, updates, mitigation guidance, and more.
Learn how to set benchmarks for false positives in SAST tools to enhance application security and improve developer efficiency.
Discover the top 7 Static Application Security Testing (SAST) Tools compared in this blog post. Learn about features, pricing, & languages.
Address SAST false positives in your application security testing. Explore causes, preventive measures, and the benefits of using Mend SAST.
Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.
Join our subscriber list to get the latest news and updates
Thanks for signing up!
