%term

The latest News and Information on Application Security including monitoring, testing, and open source.

The True Cost of Data Overload: Why Strategic Data Management Matters

May 23, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about The True Cost of Data Overload: Why Strategic Data Management Matters

Bug Bounty Secrets: Scope, Rules, & Hacker Invites REVEALED!

May 22, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Bug Bounty Secrets: Scope, Rules, & Hacker Invites REVEALED!

Old Data: Are You Keeping Too Much? Incident Response Risks! #appsec #cybersecurity

May 21, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Old Data: Are You Keeping Too Much? Incident Response Risks! #appsec #cybersecurity

Reducing Cybersecurity Debt with AI Autotriage

May 21, 2025 By Charlie Eriksen In Aikido

The boy who cried wolf goes back to a fable where a shepherd boy mocked the other villagers by telling them that a wolf was attacking the flock. The villagers believed him at first, but he was just laughing with them. When the shepherd boy repeated his joke, villagers started to ignore him and at some point a real wolf comes and attacks the sheep. The boy ‘cried wolf’ but nobody believed him anymore.

Read Post

Aikido

Read more about Reducing Cybersecurity Debt with AI Autotriage

Application Security Testing: Security Scanning and Runtime Protection Tools

May 20, 2025 By Mend.io Communications In Mend

Application security testing (AST) is the process of identifying and fixing security vulnerabilities in software applications. It ensures that applications are protected against threats such as unauthorized access, data breaches, and code manipulation. The application layer continues to be the most attacked and hardest to defend in the enterprise software stack.

Read Post

Mend

Read more about Application Security Testing: Security Scanning and Runtime Protection Tools

Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

May 20, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

Understanding SBOM Standards: A Look at CycloneDX, SPDX, and SWID

May 20, 2025 By Mackenzie Jackson In Aikido

Modern applications are no longer giant monoliths, they are a collection of micro services, open-source components, and third-party tools. But this makes it very difficult to actually understand the insides of our applications, particularly when you consider that our open-source dependencies also have open-source dependencies! The Software Bill of Materials (SBOM) plays a key role here. SBOMs provide a detailed inventory of all software components.

Read Post

Aikido

Read more about Understanding SBOM Standards: A Look at CycloneDX, SPDX, and SWID

Vibe check: The vibe coder's security checklist

May 19, 2025 By The Aikido Team In Aikido

If it’s worth building, it’s worth securing. Vibe coding has been generating a lot of buzz. While automating and coding with AI isn’t new, vibe coding holds the promise of democratizing software development: simply describe what you want in natural language and let the LLM do the rest.

Read Post

Aikido

Read more about Vibe check: The vibe coder's security checklist

Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

May 19, 2025 By Mend In Mend

AI apps break the traditional rules of application security. Here’s why: AI is cloud-native from day one. That means you’ve got runtime risk before your app even launches. Static analysis (SAST) doesn’t cut it. You can’t predict risk from just looking at code. AI models are just vectors. You need new methods.

View Video

Mend

Read more about Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

CrowdStrike Falcon Application Security Posture Management (ASPM)

May 16, 2025 By CrowdStrike In CrowdStrike

Falcon ASPM extends visibility beyond endpoints and cloud to automatically prioritize the most impactful risks in custom applications. Contact us to learn how you can find threats faster with Falcon Cloud Security.

View Video