Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

mend

Best Application Security Testing Services to Know

Nov 5, 2025 By Tiffany Jennings In Mend
Application Security Testing (AST) services use automated tools and manual techniques to find and fix security vulnerabilities in software, integrating security into the entire development lifecycle (SDLC) to prevent threats and protect applications from attacks. Key services include Static Application Security Testing (SAST) for code-level analysis, Dynamic Application Security Testing (DAST) for runtime testing, and Interactive Application Security Testing (IAST) which combines both.
Read Post
mend

Ultimate Guide to Open Source Security: Risks, Attacks & Defenses

Oct 28, 2025 By Tiffany Jennings In Mend
Unlike closed-source code or proprietary applications, open source software (OSS) exposes its source code, allowing anyone to view, modify, or contribute to it. This transparency delivers both opportunities and unique threats; developer communities can uncover flaws faster, but attackers can also examine code for weaknesses and even easily leverage known reported open source vulnerabilities.
Read Post
mend

Mend.io Expands AI Native AppSec to Windsurf, CoPilot, Claude Code, and Amazon Q Developer

Oct 21, 2025 By Mend.io Team In Mend
Today, Mend.io is expanding its AppSec capabilities to secure the five most popular agentic IDEs — including Windsurf, CoPilot, Claude Code, Amazon Q Developer, and Cursor — ensuring that developers can move at AI speed without compromising security.
Read Post
mend

Building Strong Container Security for Modern Applications

Oct 16, 2025 By Mend.io Team In Mend
Containers have transformed how modern applications are built and deployed. They’re lightweight, portable, and allow teams to move software from development to production faster than ever before. But as adoption has accelerated, so have security concerns. From vulnerable base images to exposed Kubernetes clusters, container security has become a top priority for AppSec and DevSecOps professionals.
Read Post

Why Security Can Be Stricter: A Zero Trust Approach to AppSec with AI | Mend.io

Oct 16, 2025 By Mend In Mend
Is AI making application security easier or harder? We spoke to Amit Chita, Field CTO at Mend.io, the rise of AI agents in the Software Development Lifecycle (SDLC) presents a unique opportunity for security teams to be stricter than ever before. As developers increasingly use AI agents and integrate LLMs into applications, the attack surface is evolving in ways traditional security can't handle. The only way forward is a Zero Trust approach to your own AI models. Join Ashish Rajan and Amit Chita as they discuss the new threats introduced by AI and how to build a resilient security program for this new era.
View Video

Securing AI Applications in the Cloud: Shadow AI, RAG & Real Risks | Mend.io

Oct 16, 2025 By Mend In Mend
What does it take to secure AI-based applications in the cloud? In this episode, host Ashish Rajan sits down with Bar-el Tayouri, Head of Mend AI at Mend.io, to dive deep into the evolving world of AI security. From uncovering the hidden dangers of shadow AI to understanding the layers of an AI Bill of Materials (AIBOM), Bar-el breaks down the complexities of securing AI-driven systems. Learn about the risks of malicious models, the importance of red teaming, and how to balance innovation with security in a dynamic AI landscape. What is an AIBOM and why it matters The stages of AI adoption.
View Video
mend

Code Scanning in 2025: Why, How & the Role of Scanning in AI Security

Oct 15, 2025 By Mend.io Team In Mend
Code scanning is the process of automatically analyzing source code to identify potential security vulnerabilities, bugs, and other code quality issues. It’s a crucial part of secure application development, helping teams detect and fix problems early in the software development lifecycle. Code scanning tools mainly use static analysis methods (examining code without running it), in contrast to dynamic analysis tools which analyze applications while they are running.
Read Post

The AppSec Bottleneck: Why Fixing Can't Wait

Oct 13, 2025 By Mend In Mend
Vulnerability detection isn’t the main problem - remediation is. In today’s fast-paced development world, security teams are overwhelmed with alerts, while developers struggle to keep up with security tasks that feel disconnected from their workflow. The real risk? Vulnerabilities that sit unaddressed in a growing backlog. Join Daniel Wyrzykowski, Product Manager at Mend.io and Saoirse Hinksmon, Senior Product Marketing Manager at Mend.io as they explore.
View Video
mend

Mend.io is Recognized in the 2025 GartnerMagic Quadrant for Application Security Testing

Oct 7, 2025 By Mend.io Team In Mend
The software security landscape is evolving faster than ever, and AI is accelerating this change. As generative and embedded AI become core to how software is developed, tested, and deployed, security must adapt to protect an entirely new layer of risk. At Mend.io, we’ve spent the past year reimagining what Application Security Testing (AST) looks like in this new reality.
Read Post
mend

LLM Security in 2025: Risks, Mitigations & What's Next

Oct 6, 2025 By Mend.io Team In Mend
Large language model (LLM) security refers to the strategies and practices that protect the confidentiality, integrity, and availability of AI systems that use large language models. These models, such as OpenAI’s GPT series, are trained on vast datasets and can generate, translate, summarize, and analyze text. However, like any complex software component, LLMs present unique attack surfaces because they can be influenced by the data they process and the prompts they receive from users.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.