Mend.io Supply Chain Security

Discover how encrypted JSON files are being used to hide malicious code. Learn about the latest security findings and how to protect your apps.

Learn about the 3 critical best practices of software supply chain security to protect your organization from malicious packages.

Discover how Mend Supply Chain Defender integrates with JFrog Artifactory to block malicious software threats in your code base.

Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.

Discover the NIST Supply Chain Risk Management Program.. Learn how to manage cybersecurity risks in digital supply chains effectively.

Learn why automated software supply chain attacks are a growing threat. Discover how to protecting your org from malicious NPM packages.

Understand the types of Ruby supply chain attacks. Learn the best practices for preventing supply chain security risks in your Ruby projects.

Learn how to implement software supply chain risk management to safeguard your critical assets. Discover best practices, & more.

Popular JavaScript library ua-parser-js was compromised via account takeover, releasing malicious versions.

Discover how Zero Trust can help mitigate supply chain risks and enhance your software security.

Stay updated on supply chain security with our blog post on the vulnerability in Composer. Learn how the issue was detected and fixed.

Learn how to secure your package manager’s lockfiles to protect your application from supply chain risks and ensure version consistency.

Discover key takeaways from The Forrester Wave™ Software Composition Analysis, Q3 2021 report.

Learn how external resources in packages can threaten your supply chain security, & discover ways to mitigate these risks to protect your org.

Celebrate Pride with Mend’s favorite LGBTQ+ open source projects and programs. Join the movement for equality & inclusivity in tech comunity

Research reveals over 100,000 libraries affected by Maven vulnerability CVE-2021-26291. Learn about the risks, fixes, and implications.