DEVOPSdigest

Mend.io and HeroDevs have forged a new partnership allowing Mend.io to offer HeroDevs support for deprecated packages.

"This partnership with HeroDevs extends our proactive approach to application security by ensuring our customers' data remains secure against threats targeting end-of-life software," said Vered Shaked, Mend.io's EVP Corporate Development.

Mend.io helps developers keep their applications secure by identifying outdated and vulnerable open-source software packages and by providing recommendations for updating to newer, safer versions. But sometimes those updates don't exist because the packages are no longer supported. Fortunately, HeroDevs provides never-ending support (NES) for deprecated packages, ensuring there's always a safe, updated version available.

Aaron Frost, Founder and CEO at HeroDevs stated,"Combining Mend.io's industry-leading scanning and detection with HeroDevs' Never-Ending Support (NES) products allows engineering and security teams, for the first time in history, the ability to scan, detect, and immediately remediate known vulnerabilities in their end-of-life or deprecated open source, all in one seamless process."

By combining the power of the Mend AppSec Platform with HeroDevs NES, enterprises will benefit from:

- Increased Compliance: Compliance standards like PCI DSS, HIPAA, and GDPR require companies to take measures to protect sensitive data. Hero Devs NES adds extended support to deprecated packages that can leave applications vulnerable to attacks, putting companies out of compliance.

- Saved Time and Money: Manually patching deprecated packages can be a time-consuming and expensive process for developers. HeroDevs NES provides upgrade paths for these packages, accelerating remediation, saving costs, and freeing developers to focus on building new features and delivering value faster.

"This Mend.io-HeroDevs partnership is a model of business synergy," said Mend.io CEO and co-founder Rami Sass. "Our combined capabilities will offer customers a solution superior to what we would offer alone – ensuring that the security of software packages is always up to date even if the software itself is not."