The Resolved Blog

Under the Hood of The Fix Pipeline: From Vulnerabilities to Production-Ready Fixes

A guided tour of the Resolved Security factory floor, where vulnerable packages get tested, production-ready fixes at scale. And yes, we use agentic workflows with humans in the loop to make it happen.

More articles

CVE-2025-12816: Critical Patch for node-forge Security Vulnerability

Learn how Resolved Security fixes the critical CVE-2025-12816 node-forge flaw with a tested one‑click drop‑in patch.

Resolved Security and JFrog Partner to Bring Verifiable Remediation Evidence to the Software Supply Chain

New Resolved–JFrog Evidence integration embeds verifiable remediation metadata into every artifact, ensuring continuous compliance, secure releases, and faster audits.

Autonomous Agents, Autonomous Attacks: The New Battlefield in AppSec

After AI executed most of a global espionage attack, defenders face a new reality - autonomous threats require autonomous defense

Fixes Exist. Why Aren’t We Using Them?

In 2025, open source hit 300,000 vulnerabilities. AI accelerates exploits - but the real crisis is fix consumption. Resolved solves it.

Introducing the Resolved Security Vulnerability Catalog

Discover how the Resolved Security Vulnerability Catalog brings exploit-maturity insights, remediation options and tangible fixes together in one searchable platform.

Resolved Security and Mend.io Partner Up to Bring Automated Open-Source Vulnerability Remediation

Resolved Security and Mend.io partner to automate open-source vulnerability remediation, combining drop-in replacements with Renovate auto-upgrades for faster, compliant fixes.

Resolved Security Joins Wiz Integration Network (WIN)

Technology Partnership Enables Mutual Customers to Reduce Cloud Risk and Remediate Open-source Risk at Scale.

In Praise of Slower Updates

Slow, deliberate updates with secure-by-default secured packages balance stability and security, avoiding regressions while addressing long-lived vulnerabilities.

Resolved Security Demo

Introducing the Resolved Security Dashboard: From Discovery to Remediation in Just a Few Clicks

Resolved Security Dashboard simplifies open source vulnerability management with actionable insights, effortless remediation, and transparent, scalable workflows. Watch the demo before the demo!

The Compliance Era of Vulnerability Management: FedRAMP, PCI DSS, CRA, and Beyond

Navigate vulnerability management and prepare for FedRAMP, PCI DSS, and emerging EU standards like CRA and PLD.

When Exploits Take Minutes, Patching Can’t Take Months

Open source risk is exploding as vulnerabilities outpace growth, AI accelerates exploits, and regulators demand much faster remediation.

When Vulnerability Scoring Fails at Its Only Job: The False Promise of Prioritization

Research on 600 vulnerabilities shows scoring frameworks contradict, miss threats, and overload teams - calling for secure-by-default software.

CVE-2025-7783: Fix the form-data Risk Fast

Learn how Resolved Security fixes the critical CVE‑2025‑7783 form‑data flaw with a tested one‑click drop‑in patch.

Known. Ignored. Exploited

Many breaches start with ignored, fixable open source flaws - real-world examples show how costly that can be.

Think Scanning Your Open Source Makes it Secure? Think Again

How Many Vulnerabilities Are You Ignoring?

Security teams are overwhelmed; prioritization based on CVSS, EPSS, KEV, or LEV isn’t enough—automation and root-cause fixing are essential.

Why Backporting is Your Secret Weapon

Fix vulnerabilities safely with backporting - no risky upgrades. Download our Backporting Blueprint to learn how.

The Hidden Cost of Keeping Up: Why Dependency Upgrades Are So Hard

Upgrading dependencies is risky and frustrating—complicated by breaking changes, weak tests, and transitive dependency nightmares.

The Hidden Security Debt of AI-Generated App Sprawl

GenAI is driving a surge in application creation with hidden risks and dependencies, making automated security at AI-speed essential.

Why Open Source Security Feels Like Mopping an Ocean

Modern software is drowning in open source risk - it's time for a smarter way to stay secure.

Hello World. Meet Resolved Security

We’re a team of longtime friends driven by a shared passion for secure software. Together, we’re taking a fresh look at an age-old challenge.