Launches AppSec Risk Assessment Program to Aid Understanding and Prioritization of Application Risk Launches AppSec Risk Assessment Program to Aid Understanding and Prioritization of Application Risk

TEL AVIV, Israel and BOSTON, June 13, 2023 --, a leader in application security, today announced the launch of a new AppSec Risk Assessment program to help organizations understand and prioritize their application risk.

The AppSec Risk Assessment Program pairs organizations with a cybersecurity expert who will scan their applications, evaluate their risk, and provide prioritized remediation advice based on the most serious sources of risk present in their applications.

"Application risk is multiplying on a number of fronts, and it can be difficult for organizations to evaluate which sources of risk they should be addressing first, or which should concern them the most during the development process," said Sam Quakenbush, senior director of field innovation and strategy at In fact, the Mend Open Source Risk Report shows 33 percent growth in the number of open-source software vulnerabilities in the vulnerability database from 2021 to 2022.

Continued Quakenbush, "Our AppSec Risk Assessment program is all about helping organizations quantify and prioritize the risks that already exist in their applications."

Leveraging's SAST (static application security testing), SCA (software composition analysis), Supply Chain Defender, and Renovate technologies, the assessment evaluates risks such as:

  • Open-source vulnerabilities (CVEs), including critical vulnerabilities
  • Custom code weaknesses
  • Out-of-date dependencies, including components that are more than three versions out of date
  • Malicious packages/open source malware, an emerging area of risk with serious potential for exfiltration of confidential data
  • Open-source licensing issues that could present costly legal risks

To learn if your company qualifies for this free service from, click here to schedule a discussion with a representative.

About, formerly known as WhiteSource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks. With a proven track record of successfully meeting complex and large-scale application security needs, is the go-to technology for the world's most demanding development and security teams. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project. For more information, visit, the blog, and on LinkedIn and Twitter.