Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The latest News and Information on Application Security including monitoring, testing, and open source.

GitGuardian Partners with GuidePoint Security to Strengthen Application Security Offerings

GitGuardian and GuidePoint Security have partnered to deliver enhanced secrets detection and non-human identity security solutions to North American customers, offering tools to combat secrets sprawl and mismanaged identities.

Your Code Might Be Using Risky AI Models

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Top Automated Pentesting Tools Every DevSecOps Team Should Know

Penetration testing (“pentesting”) has shifted from a once-a-year checkbox to a continuous necessity. In fact, by 2025 the pentesting industry is expected to hit $4.5 billion as companies race to find vulnerabilities before attackers do. Yet 38% of companies only run 1–2 pentests per year – leaving long gaps where new flaws can creep in. That’s a dangerous game when 73% of breaches involve exploiting web app vulnerabilities.

From Cloud to AI: Innovation, Risk & Business Strategy #ai #podcast

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

What Our Ransomware Simulation Taught Us #cybersecurity #ransomware

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Veracode: Application Risk Management for today's AI-driven world

Discover Veracode, the comprehensive application risk management platform designed for today's AI-driven world. This video provides an overview of how Veracode empowers organizations to build and deploy secure software by offering unified visibility, AI-driven prioritization, and integrated tools for detecting and remediating vulnerabilities. Learn about Veracode's key capabilities, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and risk management.

What does 'software reachability granularity' really mean 2nd Episode

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Transform Your AppSec Program With the Power of Snyk Analytics

As AI-generated code continues to boost developer productivity – and with it the number of vulnerabilities in code – the need for a programmatic approach to security within a fully AI-enabled reality is key. AI Trust and governance is the new standard for the AI era, and is achieved through visibility, prioritization, and policy. With this in mind, over time, Snyk has expanded the number of reports and analytics provided in its platform to address this need.

So your chatbot just insulted a customer? #cybersecurity #appsec

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Understanding Runtime Reachability 5th Episode

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.