
October 2023

Mend.io Launches Mend Renovate Enterprise Edition

Mend Renovate is the industry leader in dependency management, downloaded more than a billion times — including by most of the top 10 tech giants — to help keep their applications safe and up to date. Its primary job is to scan your application software for external dependencies and, if newer versions are available, suggest code changes to upgrade you to the latest version.

Add to Your AppSec Arsenal with Mend.io's Integration with Secure Code Warrior

We’re delighted to announce that Mend.io has launched a new integration with Secure Code Warrior®, a platform that provides secure coding training and tools that help shift developer focus from vulnerability reaction to prevention.

Let's Embrace Death in the Software Development Lifecycle

The leaves are turning brilliant colors before they fall off and blow away here where I live, just a few minutes outside of Salem, Massachusetts, where autumn — Halloween specifically — is a very big deal. I’m not morbid, but it’s a natural time to think about how things wind down and finally breathe their last breath. Nothing lasts forever. Not trees. Not animals. Not people. Not cars. Not houses. Not software. Especially not software.

New ESG Research Report Outlines Best Practices for Effective Application Security Programs

New research from TechTarget’s Enterprise Strategy Group (ESG) has identified that organizations’ application security programs struggle to keep up with the pace of software development, and it reveals best practices to secure modern software applications.

The Latest Trends in API Security: The 2023 OWASP API Security Top Ten

The Open Web Application Security Project (OWASP) has published the latest edition of its API Security Top Ten, which was first published in 2019. The Top Ten is a significant daughter list of the OWASP Top Ten, which is one of the most definitive lists of the most severe web application risks. Why is this important? What are its main findings? And what does this mean for application security?

Why Dependency Management Reduces Your Enterprise's Technical Debt

There are many ways to incur technical debt, but the broadest reason it both exists and persists is that most applications are old and most software developers are working on new things. In an ideal world, agile organizations would have very little technical debt because they should always return to their code and improve it. But in the real world, the fast pace of continuous rollouts means agile organizations can be especially prone to collecting large amounts of technical debt.

Cybersecurity Awareness Month 2023: Five Reasons You Need Automatic Software Updates for Your Application Security

October 2023 marks the 20th anniversary of Cybersecurity Awareness Month. The initiative is spearheaded by the U.S. National Cybersecurity Alliance (NCA) and the Cybersecurity and Infrastructure Agency (CISA). It is a collaboration between these U.S. government agencies and industry to raise awareness about cybersecurity, the risks we face from digital crime and cyberattacks, and how to protect ourselves from them. This year, the campaign promotes four key behaviors to strengthen cybersecurity.