%term

The latest News and Information on Application Security including monitoring, testing, and open source.

Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

May 20, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Pen Test Results Dropping? Here's Why (And How to Fix It!) #cybersecurity #bountyprograms

Understanding SBOM Standards: A Look at CycloneDX, SPDX, and SWID

May 20, 2025 By Mackenzie Jackson In Aikido

Modern applications are no longer giant monoliths, they are a collection of micro services, open-source components, and third-party tools. But this makes it very difficult to actually understand the insides of our applications, particularly when you consider that our open-source dependencies also have open-source dependencies! The Software Bill of Materials (SBOM) plays a key role here. SBOMs provide a detailed inventory of all software components.

Read Post

Aikido

Read more about Understanding SBOM Standards: A Look at CycloneDX, SPDX, and SWID

Vibe check: The vibe coder's security checklist

May 19, 2025 By The Aikido Team In Aikido

If it’s worth building, it’s worth securing. Vibe coding has been generating a lot of buzz. While automating and coding with AI isn’t new, vibe coding holds the promise of democratizing software development: simply describe what you want in natural language and let the LLM do the rest.

Read Post

Aikido

Read more about Vibe check: The vibe coder's security checklist

Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

May 19, 2025 By Mend In Mend

AI apps break the traditional rules of application security. Here’s why: AI is cloud-native from day one. That means you’ve got runtime risk before your app even launches. Static analysis (SAST) doesn’t cut it. You can’t predict risk from just looking at code. AI models are just vectors. You need new methods.

View Video

Mend

Read more about Why You Can't "SAST" Your Way Through AI Security #AppSec #LLMs #CloudSecurity #Cybersecurity

CrowdStrike Falcon Application Security Posture Management (ASPM)

May 16, 2025 By CrowdStrike In CrowdStrike

Falcon ASPM extends visibility beyond endpoints and cloud to automatically prioritize the most impactful risks in custom applications. Contact us to learn how you can find threats faster with Falcon Cloud Security.

View Video

CrowdStrike

Read more about CrowdStrike Falcon Application Security Posture Management (ASPM)

Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

May 16, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Ethical Hackers & Bug Bounty: Our Security Journey #applicationsecurity #cybersecurity

Splunk Delivers Unified Security and Observability to Protect Applications

May 15, 2025 By Kashyap Merchant In Splunk

Bring application and security teams together with end-to-end application threat detection and response—right inside Splunk.

Read Post

Splunk

Read more about Splunk Delivers Unified Security and Observability to Protect Applications

Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

May 15, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Unlocking Security: Why Bug Bounty Programs Are a MUST-HAVE #bugbounty #cybersecurity

Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

May 14, 2025 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about Hackers REVEALED: The TRUTH About Bug Bounty Programs #cybersecurity #bugbounty

5 SAST Purchasing Tips That Actually Maximize ROI

May 14, 2025 By Mend In Mend

Following these 5 tips when purchasing a SAST tool will save you headaches and regrets. A flashy demo or “industry-leading” badge doesn’t mean much if the tool doesn’t work for your code, your developers, or your workflow. This short video covers 5 things every AppSec or engineering team should consider before signing on the dotted line. Because choosing the wrong tool won’t just cost you budget, it’ll cost you trust.

View Video