Overview
Product Information on Mend
What is Mend?
Mend Pricing
Overall experience with Mend
“A Strong Partner in Application Security”
“Capable SCA platform, somewhat hampered by poor load visibility and inflexible migration path to later version”
About Company
Company Description
Mend.io, previously known as WhiteSource, focusses on building high-grade Application Security (AppSec) programs which aim to mitigate risk while accelerating development. Leveraging cutting-edge automated technology, the company offers protection against threats associated with supply chains, malicious package attacks, and vulnerabilities found in both open source and custom code. Additionally, Mend.io addresses potential risks linked to open-source licenses. The firm is recognized for its record of satisfying complex, large-scale application security demands and is therefore chosen by numerous demanding development and security teams across the globe. Additionally, Mend.io administrates the automated dependency update project, Renovate.
Company Details
Do You Manage Peer Insights at Mend.io?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Top Mend Alternatives
Peer Discussions
Mend Reviews and Ratings
- IT Security & Risk Management Associate1B-10B USDSoftwareReview Source
A Strong Partner in Application Security
We have chosen to give a 4-star rating to Mend as it has become a foundational component of our AppSec Governance program. The platform is highly effective at "shifting left," allowing our multifarious teams to identify and remediate vulnerabilities in both open-source dependencies (SCA) and custom code (SAST) within the development lifecycle. We particularly value the reachability analysis, which helps us prioritize exploitable vulnerabilities and reduce developer fatigue. The primary reason for a 4-star rather than a 5-star rating is that we have encountered some scalability challenges owing to the sheer volume of projects and the complex nature of the environment of a global enterprise that grows through M&A. At our scale, we found that certain UI and reporting features required additional tuning to maintain performance. However, it is important to note that in every instance where we have faced such hurdles, the Mend team has been exceptionally quick to respond and remediate the issues. Their technical support and engineering teams have acted as true partners, working closely with us to optimize the platform for our specific needs. While we must emphasize that our use case is niche, the quality of their partnership and the effectiveness of their core security engine make them a top-tier choice for any serious AppSec initiative. We are confident that had we been completing this in 12-24 months time, 5-stars would be given.



