%term

CVSS 3.1 vs CVSS 4.0: A Look at the Data

Jan 13, 2025 By Aurora Starita In Mend

Like the cost of groceries and everything else, CVSS scores seem to have experienced some inflation recently. CVSS 4.0 promises to be a better calculator of risk than previous iterations of the system, but that’s only true if you use it in its full capacity to calculate your specific risk within your specific environment. Most of us aren’t using it that way.

Read Post

Mend

Read more about CVSS 3.1 vs CVSS 4.0: A Look at the Data

Cybersecurity Challenges in Modern Supply Chains with Cassie Crossley | Secrets of AppSec Champions

Jan 7, 2025 By Mend In Mend

Supply Chain Security: A Complex Web of Risks and Responsibilities The supply chain for a single device involves thousands, potentially millions of people over time. It's far too large a topic to fully grasp everything. I talk daily with folks about hardware specifics, human rights management, materials, chemical makeups and more. It's much more than just the bits and bytes we normally see.

View Video

Mend

Read more about Cybersecurity Challenges in Modern Supply Chains with Cassie Crossley | Secrets of AppSec Champions

What secrets are your container images hiding?

Dec 31, 2024 By Mend In Mend

Amit Chita breaks down container image analysis, which can reduce security scanning time by up to 80% by focusing only on the files that matter.

View Video

Mend

Read more about What secrets are your container images hiding?

CVE-2024-50379: A Critical Race Condition in Apache Tomcat

Dec 19, 2024 By Tom Abai In Mend

Recently, an Apache Tomcat web server vulnerability, tracked as CVE-2024-50378, has been published, exposing the platform to remote code execution through a race condition failure.

Read Post

Mend

Read more about CVE-2024-50379: A Critical Race Condition in Apache Tomcat

Mend.io - Backstage Integration: Bringing Security Insights Where You Need Them

Dec 18, 2024 By Aurora Starita In Mend

Launched as an internal project by Spotify in 2016, Backstage was released under the Apache 2.0 open source license in 2020 to help other growing engineering teams deal with similar challenges. Backstage aims to provide a consistent developer experience and centralize tools, documentation, and services within a single platform.

Read Post

Mend

Read more about Mend.io - Backstage Integration: Bringing Security Insights Where You Need Them

Did you know you could update dependencies automatically with Mend Renovate? #coding #devsecops

Dec 17, 2024 By Mend In Mend

Updating dependencies can be soooo easy.

View Video

Mend

Read more about Did you know you could update dependencies automatically with Mend Renovate? #coding #devsecops

Security's Confidentiality, Integrity and Availability (CIA) Triad - Outdated or Still Relevant?

Dec 17, 2024 By Mend In Mend

Are confidentiality, integrity, and availability still enough, or is it time to evolve our thinking? Join Chris Lindsey and a panel of tech leaders from leading enterprises, for a dynamic discussion on the relevance of the CIA Triad in modern security practices. Chapters: CIA Triad Basics and CVSS Scoring (0:00 - 0:55) Expanded Impact Metrics (0:55 - 2:02) Additional Impact Considerations (2:02 - 2:45) Historical Context and Evolution (3:01 - 3:41) Modern Challenges and Limitations (3:41 - 5:21) Risk-Based Prioritization (5:48 - 6:22) Business Communication Value (6:26 - 8:18)

View Video

Mend

Read more about Security's Confidentiality, Integrity and Availability (CIA) Triad - Outdated or Still Relevant?

Mend AppSec Platform Deep Dive

Dec 16, 2024 By Mend In Mend

Watch Josh Newton demonstrate how the Mend AppSec Platform streamlines security across your codebase and software supply chain. Key Highlights: Intuitive Interface: Experience the ease of navigating the Mend AppSec Platform. Comprehensive Security Coverage: See how the platform addresses a wide range of security vulnerabilities. Seamless Integration: Discover how the platform seamlessly integrates into your existing development workflows. P.S.

View Video

Mend

Read more about Mend AppSec Platform Deep Dive

Exploring Bug Bounty Programs and Pen Testing with Michael Vance from Navient

Dec 9, 2024 By Mend In Mend

Kicking off your hacking journey? Bug bounty programs offer the perfect legal avenue to practice hacking without getting busted! Chapters.

View Video

Mend

Read more about Exploring Bug Bounty Programs and Pen Testing with Michael Vance from Navient

What is code reachability?

Dec 8, 2024 By Mend In Mend

Wait – what is code reachability Let's go back to basics with Amit Chita about decluttering your digital closet in a series of short videos about a subject that's too often overlooked.

View Video

Mend

Read more about What is code reachability?

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVSS 3.1 vs CVSS 4.0: A Look at the Data

Cybersecurity Challenges in Modern Supply Chains with Cassie Crossley | Secrets of AppSec Champions

What secrets are your container images hiding?

CVE-2024-50379: A Critical Race Condition in Apache Tomcat

Mend.io - Backstage Integration: Bringing Security Insights Where You Need Them

Did you know you could update dependencies automatically with Mend Renovate? #coding #devsecops

Security's Confidentiality, Integrity and Availability (CIA) Triad - Outdated or Still Relevant?

Mend AppSec Platform Deep Dive

Exploring Bug Bounty Programs and Pen Testing with Michael Vance from Navient

What is code reachability?

Monthly Archive

Follow Us