Over 100 Malicious Packages Target Popular ML PyPi Libraries
The Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry.
Read about application security, DevSecOps, license compliance, and software supply chain security.
The Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry.
A not so model citizen: how AI trained on bad data leads to discrimination against women.
Patch the right apps first. Learn how EPSS scores help prioritize critical vulnerabilities & go beyond CVSS.
Stop reacting and start preventing with SAST & secure code training. Prioritize risks and empower developers to write secure code.
Read our guide on creating an effective container security program with reachability analysis.
Mend Container finds runtime threats and secrets, scans Kubernetes clusters for in-use containers, and provides full coverage from development to deployment.
Join us for an in-depth discussion of what it takes to stop playing defense when it comes to application security.
The NVD has a large backlog of unanalyzed vulnerabilities. See if you're impacted.
Announcing the launch of our new tool, Mend AI to identify, track, and secure AI and AI-generated code.
Can you scan your containers with any old SCA and still get good results?
Join experts from AWS and Mend.io discussing strategies for optimizing container security in the AWS cloud.
Find ways to reduce security debt and overall risk without negatively impacting either the development process or software functionality. Learn more in this white paper.
Using SBOMs to create software inventories to meet compliance or industry requirements is a great start. However, the possibilities beyond compliance are even more compelling. Ultimately, the real value lies in evolving SBOMs from informational resources to actionable business tools. Learn more in this white paper.
Learn the importance of scanning container images for vulnerabilities to keep your containerized environments safe.
Learn about secrets detection and management – very important but often overlooked parts of application security.
Learn about the Common Vulnerability Scoring Systems 4.0 update as well as new metrics.
Drowning in SAST alerts or afraid to even add SAST to your AppSec arsenal? Let's talk about how to use SAST effectively.
Watch this webinar to learn how automating your dependency updates improves developer efficiency and reduces technical debt.
Learn how AI and LLM technology amplifies existing cybersecurity threats and how to harden security against them.
Learn more about free tools for generating SBOMs easily and automatically.
Find out what EPSS scores are and how to use them for better remediation prioritization.
What are license compliance and copyright challenges of AI-generated software code?
Join us as we discuss essential best practices for establishing robust application security programs from our recently released survey with TechTarget’s Enterprise Strategy Group.
Discover six more essential tips for great holistic AppSec and software supply chain security.
Learn six top tips for great holistic AppSec and software supply chain security.
Mend.io’s Chris Lindsey offers his advice on dealing with security team turnover, building relationships with developers, and choosing the best security tools.
Updating dependencies not only improves application quality, it also shrinks the potential attack surface for your apps. Learn more in this white paper.
Increase your knowledge of open source licenses by learning what the main types are, how they work, and how they differ.
Development and security teams should be friends, not adversaries. Learn how to build trust and empathy between your teams.
Learn about the big threats that come with AI and LLM technology.
Learn how to apply security and risk reduction techniques at each stage of the SDLC. And, why automating risk reduction is the only way to reduce cloud-native application risk at an enterprise scale.
Incorporate security into your development processes. Set your developers up for security success with these tips.
Discover what the latest research commissioned by Mend.io says about optimizing application security.
See best practices that drive the efficiency needed to rapidly remediate application security vulnerabilities to mitigate risk and prevent incidents.
Learn about Mend Renovate Enterprise Edition, which offers automated dependency management and technical debt reduction at scale.
Discover issues in the current cybersecurity landscape that have the attention of six of Mend.io’s leading experts.