Mend.io Blog

Discover the top 8 due diligence questions to prepare your startup for investment. From technology roadmaps to scalability.

Renovate supports raising Pull Requests immediately for any JavaScript or Python package identified as having a vulnerable version by GitHub’s Vulnerability Alerts.

Discover and dispel 6 common concerns around using open source software in applications. Learn how to mitigate risks and harness its power.

Renovate allows raising issues to warn a repository if it is using deprecated npm packages. This helps prevent that a dependency you are using may never get updates again.

Learn about the flaws in the Common Vulnerability Scoring System and how it may impact security professionals.

Learn about vulnerability disclosure and how to find bugs in your code before hackers do.

Learn why using components with known vulnerabilities is a major issue in application security and how to address it with OWASP guidelines.

Explore 7 groundbreaking Chinese open source projects like Vue and Dragonfly.

Discover the risks of known open source vulnerabilities in reusable software components and how hackers exploit them.

Learn about CVSS v3 and the challenges it brings for developers. Understand how to prioritize remediations & utilize effective usage analysis.

Discover the top 10 weirdest names for open source projects. From Pig to CockroachDB, learn about these unique projects and their purposes.

Discover the top 3 challenges for fintech in the post-Equifax era: stringent regulations, securing customer trust, and application security.

Discover the top 5 developer jokes explained. Understand the humor behind coding and programming with insights from fellow developers.

The Equifax breach was the largest single breach in history, with 145.5 million records being uncovered. Today, 6 months later, we look at the industry and see what we have learned from Equifax.

Explore the open source license trends of 2017 vs. 2016 and the many security issues spanning across each.

The top 5 new open source vulnerabilities in March 2018, including Drupal, Microsoft ChakraCore, Jackson-databind, Moment.js, and Marked.js.