Mend.io Customer Success Story - WTW

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks. With a proven track record of successfully meeting complex and large-scale application security needs, Mend.io is the go-to technology for the world’s most demanding development and security teams. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

Private Status Page: A Comprehensive Guide

Private status pages are very special websites used to maintain transparent communication between the company's employees and other stakeholders. It's mostly used for important performance updates but also for disruption and downtime notifications (and every other problem that should be addressed on short notice). The purpose of any private status page is to encourage communication and support to those who have access to it, providing updates on issue status and incident management.

How Executive Order on Artificial Intelligence Addresses Cybersecurity Risk

Unlike in the 1800s when a safety brake increased the public’s acceptance of elevators, artificial intelligence (AI) was accepted by the public much before guardrails came to be. “ChatGPT had 1 million users within the first five days of being available,” shares Forbes.

PCI 4.0: What is coming, and what do you need to do about it?

PCI DSS 4.0 is coming, and getting your organization up to speed will be no small task. Don't wait until the last minute. Hear Payment Card Industry (PCI) Qualified Security Assessors Brian Dean and Joe Moser as they explain the key differences between PCI 4.0 and PCI 3.2.1, what to expect with the new release, and which steps you need to take right away to prepare.

The Evolving Role of the CISO and the Language of Resilience with Marene Allison

In this episode of Cyber Security Decoded, Steve Stone, Head of Rubrik Zero Labs, is joined by a former CISO at Johnson & Johnson to discuss the ever-evolving role of the CISO. They discuss what she has learned from the biggest threat intrusions in her career, how the role of the CISO is evolving to adapt to new cyber threats, and what we can tactically do to empower more professionals from different backgrounds to pursue a career in cybersecurity.

Solarwinds and Cisco 10.0: Big Problems for Big Companies

In this week's episode, Robin and Bill explore the recent SEC charges against Solarwinds (and their Chief Information Security Officer) with fraud, as well as a CVE with a perfect CVSS rating of 10.0 against Cisco! Why is a CISO getting charged with fraud? What does a a CVSS rating of 10 mean, and why should you be worried if you use Cisco IOS or IOS XE today? Learn all this and more on the latest episode.

How Security Ratings Empower CISOs in an Era of Burnout

When I bring up the topic of security ratings to my CISO colleagues, I typically get one of two reactions. The first half complains about misattribution of issues along with reporting fix times (although accuracy has improved). But the other half understand how to leverage this technology to their benefit to make their jobs easier and their organizations safer. Read below to get under the hood of how to leverage the evolving application of this technology to secure your supply chain.