%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

May 16, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

Splunk Delivers Unified Security and Observability to Protect Applications

May 15, 2025 By Kashyap Merchant In Splunk

Bring application and security teams together with end-to-end application threat detection and response—right inside Splunk.

Read Post

Splunk

Read more about Splunk Delivers Unified Security and Observability to Protect Applications

Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

May 15, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

May 14, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

5 SAST Purchasing Tips That Actually Maximize ROI

May 14, 2025 By Mend In Mend

Following these 5 tips when purchasing a SAST tool will save you headaches and regrets. A flashy demo or “industry-leading” badge doesn’t mean much if the tool doesn’t work for your code, your developers, or your workflow. This short video covers 5 things every AppSec or engineering team should consider before signing on the dotted line. Because choosing the wrong tool won’t just cost you budget, it’ll cost you trust.

View Video

Mend

Read more about 5 SAST Purchasing Tips That Actually Maximize ROI

Bridging ASPM and Vulnerability Management for Scalable Application Security

May 13, 2025 By Nucleus Security In Nucleus

In this webinar, "Bridging ASPM and RBVM for Scalable AppSec," security leaders from Cycode and Nucleus explore how to unify application and infrastructure vulnerability management in complex, cloud-native environments.

View Video

Nucleus

Read more about Bridging ASPM and Vulnerability Management for Scalable Application Security

Is Your Code Safe? Hidden Risks & Security Measures | Mend.io #cybersecurity #softwaresecurity

May 13, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Is Your Code Safe? Hidden Risks & Security Measures | Mend.io #cybersecurity #softwaresecurity

You're Invited: Delivering malware via Google Calendar invites and PUAs

May 13, 2025 By Mackenzie Jackson In Aikido

On March 19th, 2025, we discovered a package called os-info-checker-es6 and were taken aback. We could tell it was not doing what it said on the tin. But what's the deal? We decided to investigate the matter and initially hit some dead ends. But patience pays off, and we eventually got most of the answers we sought. We also learned about Unicode PUAs (No, not pick-up artists). It was a roller coaster ride of emotions!

Read Post

Aikido

Read more about You're Invited: Delivering malware via Google Calendar invites and PUAs

Container Security is Hard - Aikido Container Autofix to Make it Easy

May 12, 2025 By Charlie Eriksen In Aikido

Container security starts with your base image. But here’s the catch: In this post, we’ll explore why updating base images is harder than it seems, walk through real examples, and show how you can automate safe, intelligent upgrades without breaking your app.

Read Post

Aikido

Read more about Container Security is Hard - Aikido Container Autofix to Make it Easy

Leveling Up AppSec: Overcome Vulnerability Management Challenges in Game Development

May 12, 2025 By Kevin Swan In Seemplicity

Game development studios face enormous pressure to deliver immersive, high-performance experiences on a rigid schedule, all while ensuring that every release meets the highest standards for quality and security. For security teams, keeping up with fast-moving codebases, short release cycles, and a flood of vulnerabilities is no easy feat.

Read Post