Sunday, July 14, 2024
PRN INDIA Announces Integration of Crowdsourced Renovate Data to Reduce Open Source Attack Surface Risk Up to 80 Percent

Mend SCA now enables full automation of high-confidence open-source updates without 'breaking the build'

TEL AVIV, Israel and BOSTON, June 5, 2023 /PRNewswire/ --, a leader in application security, today announced the integration of crowdsourced data from Mend Renovate, its popular open source dependency update automation tool with more than one billion Docker pulls, with Mend SCA. The enhancement automates code dependency updates at unprecedented rates. This will help organizations to dramatically lower application security risk, keep software components up to date, and confidently merge updates to ensure fast, reliable, and sustainable application development and deployment. Recently positioned by Gartner as a Visionary in the 2023 Magic Quadrant for Application Security Testing*, will showcase this new capability at the Gartner Security & Risk Management Summit 2023, June 5-7, at booth #1155.  

The trend toward more, smaller open-source software packages and more frequent updates has resulted in a backlog of vulnerabilities that security teams struggle to manage manually, even for minor and patch updates with high compatibility. From a security perspective, more than 85 percent of vulnerabilities already have a fix available before they are published in the National Vulnerability Database (NVD). Yet the majority of organizations struggle to update to newer, patched versions. As they linger, older vulnerabilities can become more dangerous and more easily exploited. In 2021, three out of every four attacks were launched through vulnerabilities that were at least four years old.

While it's easier than ever to scan applications and find out-of-date or vulnerable components, making the necessary updates is what matters. Now, Mend SCA has a way to automate remediation of high-confidence updates to reduce security debt without breaking the build.

"This is a North Star aligned achievement for We are proud to introduce capabilities to proactively update the code base to make it less vulnerable," said Rami Sass, CEO of "By leveraging Renovate data in this way, we enable levels of automation that are simply not possible to achieve with other tools in the market."

Mend SCA takes a unique, preventative approach to application security, automating dependency updates to reduce security debt without the need for manual effort.

Using data gathered from over 25 million dependency updates tracked by Renovate, Mend SCA can determine which updates are likely to break a build, enabling teams to confidently deploy changes without slowing the development pipeline. provides this automation via its proprietary confidence algorithms from crowdsourced Renovate data. Confidence is based on three factors:

  • Did the update pass tests without breaking builds?
  • How old is the update?
  • How widely adopted is it?

Join at the Gartner Security & Risk Management Summit will discuss its preventative approach to application security leveraging Mend Renovate data at the Gartner Security & Risk Management Summit 2023, booth #1155, June 5-7. Additionally, Sam Quakenbush, senior director of field innovation and strategy at, will speak on open source software security best practices.  

Title: Effective SBOMs and Beyond: How to Create a Best-In-Class Open Source Security Program

Abstract: Applications are now the number-one attack vector. Open source software now comprises more than 70 percent of most applications. Supply chain attacks increased 650 percent from 2020 to 2021. If you don't already have an effective open source security program, you need to get one. Learn best-in-class programs and processes to reduce your attack surface, detect malicious open source packages, and respond quickly and with ease to the next Log4j-style announcement.

When: Monday, June 5th, 1:55 - 2:15 p.m.
Where: Theater 4

About, formerly known as WhiteSource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development, using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks. With a proven track record of successfully meeting complex and large-scale application security needs, is the go-to technology for the world's most demanding development and security teams. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project. For more information, visit, the blog, and on LinkedIn and Twitter.

* Gartner, "Magic Quadrant for Application Security Testing," Authors Dale Gardner, Mark Horvath, Dionisio Zumerle, [17th May 2023].

CONTACT: Crystal Monahan,
