So your chatbot just insulted a customer? #cybersecurity #appsec

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

Strategic Signals from Money20/20: Digital Identity, Stablecoins, Open Banking

At this year’s Money20/20 Europe, the focus was clear and pragmatic. Three themes came through consistently: digital identity, stablecoins, and open banking. Each reflects a broader shift underway. Institutions are moving from exploration to implementation. Regulatory frameworks are taking shape. Infrastructure is evolving to meet new demands. These priorities emerged across our discussions with partners, customers, and colleagues—and signal where the market is heading.

Cybersecurity in UK Hospitality: Navigating Compliance, Threats, and Resource Constraints

Many of the largest hospitality organizations operate on a global scale. While guest demands remain relatively constant across regions, cyberthreats and defensive capabilities can vary significantly. Trustwave SpiderLabs recently released the 2025 Trustwave Risk Radar Report: Hospitality Sector, providing updated insights and strategies to enhance data security across the industry.

Understanding Runtime Reachability 5th Episode


Security Debt in Government Software: The Hidden Risk You Can't Ignore

When we think about software security risks, we often focus on immediate threats—new vulnerabilities discovered in the latest release or zero-day exploits making headlines. But beneath the surface lies a more insidious problem, especially in the public sector: security debt. This hidden risk accumulates quietly, but its impact can be severe, eroding the integrity, resilience, and trustworthiness of government software systems.

EP 9 - J&J's former CISO on trust, identity, and the future of cybersecurity

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.

Innovations in Splunk Security Expands Unified TDIR Experience to On-Premises and FedRAMP Moderate Environments

At RSAC 2025 Conference we announced new innovations to Splunk Security. Today, we are pleased to announce the general availability of Splunk Enterprise Security 8.1. Splunk becomes the only vendor to bring truly unified threat detection, investigation, and response (TDIR) workflows fueled by automation to both customer managed deployments and FedRAMP Moderate environments.

EASM Buyer's Guide 2025: A guide for a futureproof EASM solution

Your external attack surface is growing — whether you’re aware of it or not. Cloud migration, IoT, AI, and remote work are all contributing to the rapid expansion of organizations’ external attack surfaces, and many security teams are struggling to keep up. According to a 2021 report, 69% of organizations admitted they had experienced at least one cyberattack that was initiated through exploiting an unknown or unmanaged internet-facing asset.