Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vanta Third Party Risk Management Demo Part 2: Agentic Assessment

Vanta TPRM transforms vendor assessments into an automated, intelligent workflow, helping your team move faster without sacrificing depth. In this demo, see how Vanta's AI-powered assessment gathers evidence, answers questions, and surfaces key findings—so you can evaluate vendor risk with greater speed, consistency, and confidence.

Vanta Third Party Risk Management Demo Part 1: Discovery & Program Setup

Vanta TPRM brings structure to vendor discovery and onboarding, turning scattered processes into a centralized, scalable system of record. In this demo, see how teams set up their third party risk program with Vanta. We'll show you how to define risk criteria and stand up a tailored TPRM program. From initial discovery through procurement intake, Vanta helps you get organized and operational without the manual overhead.

You Wouldn't Download a Shipment - The 443 Podcast - Episode 369

This week on the podcast, we discuss a recent warning from the FBI about hacking leading to stolen shipments. Before that, we cover the Vercel software supply chain incident and then the Vect ransomware-as-a-service turned accidental wiper.

GPT-5.5 vs Claude Opus 4.7: I Made Both Build an App - Here's What Happened

GPT-5.5 vs Claude Opus 4.7 - two flagship AI models dropped one week apart, and both claim to be the best at agentic coding. We put that to the test by giving each model the exact same prompt: build a production-ready, secure note-taking application from scratch. But we didn't stop at reviewing the code. We actually tried to break it by running real security tests against each app to see whether AI-generated code can be trusted with user data. The results were not what we expected.

Treat AI Like an Employee #ai #aisecurity

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

AI Sales Avatar Hijacked by Prompt Injection on Livestream #promptinjection #hacked #hacker
