Open Source Security
The OWASP Top 10 Vulnerabilities
Stay updated on the latest in application security with the OWASP Top 10 vulnerabilities ...
OWASP Dependency Check: How Does It Work?
Learn how OWASP Dependency Check helps secure open source components ...

Cybersecurity Insights with Contrast CISO David Lindner | 05/09/25
Insight No. 1 — Echoes of aspiration, shadows of history for SWFT The Software Fast Track (SWFT) proposal for DoD echoes the aspirations of Memorandum M-24-15 from 2024, yet history suggests a ...
Introducing Mend’s Integration with Microsoft Defender for Cloud
Mend.io now integrates with Microsoft Defender for Cloud, bringing intelligent open source security insights into cloud workflows ...

5 Examples of Dependency Confusion Attacks
Are you still running your package pipeline on default settings and grabbing libraries straight from public repos? Big yikes. That’s rolling out the red carpet for ...
Understanding the DeepSeek model license: Balancing openness and responsibility
Explore the DeepSeek model license and the potential license compliance implications that come with using it in your applications.

Mend.io is a Strong Performer in the Forrester Wave™ Software Composition Analysis, Q4 2024
See why Mend.io is recognized as a Strong Performer in The Forrester Wave™ Software Composition Analysis (SCA) Q4 2024 report ...
Mend.io & HeroDevs Partnership: Eliminate Risks in Deprecated Package
Announcing an exclusive partnership between Mend.io and HeroDevs to provide support for deprecated packages ...
Strengthening Open-Source Security: Effective and Best Practices
Open-source security requires a multi-faceted approach due to the transparency of open-source software exposing potential vulnerabilities. Malicious actors can target the supply chain to introduce compromised components into open-source projects. Misunderstanding or ...

Software supply chain risk assessment: 8 steps to a secure SDLC
Like any chain, a software supply chain contains many links. These links consist of every actor involved in the development & deployment of your code in ...