Overview
Product Information on Mend
What is Mend?
Mend Pricing
Overall experience with Mend
“Mend Shows a Genuine Commitment to Implementing User Feedback and Needs”
“Security Governance”
About Company
Company Description
Mend.io, previously known as WhiteSource, focusses on building high-grade Application Security (AppSec) programs which aim to mitigate risk while accelerating development. Leveraging cutting-edge automated technology, the company offers protection against threats associated with supply chains, malicious package attacks, and vulnerabilities found in both open source and custom code. Additionally, Mend.io addresses potential risks linked to open-source licenses. The firm is recognized for its record of satisfying complex, large-scale application security demands and is therefore chosen by numerous demanding development and security teams across the globe. Additionally, Mend.io administrates the automated dependency update project, Renovate.
Company Details
Do You Manage Peer Insights at Mend.io?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Mend
Performance of Mend Across Market Features
Mend Likes & Dislikes
The usability of the tool was solid from the start and every iteration or release we've seen has been a huge improvement over the previous version. We started using Mend as just an SCA tool but slowly began consuming other features and products as they were available as it was clear it matched our needs.
Visibility into our security footprint. Provides a simple solution to manage open source components.
Scanning is quite fast and gives fast results. We can suppress vulnerabilities if they seem false positives. The UI is user-friendly. We can integrate the scanning into Jenkins which makes it easier to scan. Repository integration is also quite helpful. Container scanning is also a helpful feature, but we have yet to explore it.
While the documentation has improved quite a bit, we have struggled to find what we need sometimes or they've been slightly different from the current release. Luckily support has been excellent so any time we're unsure, they've been able to steer us in the right direction but having a bit more consistent documentation available for self-serve would reduce our dependency on their support.
Cannot customize I would like the identified bugs assigned and have SLA's defined through any incident management tool like ServiceNow
Sometimes the support team takes more time to revert to the issue. Sometimes the mend cli behaves weirdly and takes a long time to scan. Sometimes, suppressed vulnerabilities will come as vulnerabilities in scan results. Ruby scanning takes a long time to scan.
Top Mend Alternatives
Peer Discussions
Mend Reviews and Ratings
- Technical Manager50M-1B USDSoftwareReview Source
Mend Shows a Genuine Commitment to Implementing User Feedback and Needs
While many vendors in this space offer the same features and capabilities, Mend stood out with their willingness to find a solution that worked for us. No product is perfect but they took any feedback we had and directly implemented it into the product. - IT Manager<50M USDBankingReview Source
Best tool for implementing SAST and SCA.
We had a great time setting up a mend for our source code quality and library scanning. Scanning the code is also quite easy and takes less time to scan. They are now merging SAST UI and SCA UI, making it easier for us. - Chief Technology Officer<50M USDSoftwareReview Source
Maximizing Security With Mend in Healthcare: An Inside View
Our overall experience has been very positive. Given that our products are HIPAA compliant within the healthcare space, we are vigilant on ensuring that we are dealing with any security concerns with open source products. Mend does a great job of scanning our code and highlighting any vulnerabilities and recommended solutions. - Software Engineer50M-1B USDServices (non-Government)Review Source
Mend's Commitment to Client Success Through Weekly Consultations
Mend has been very engaging along the setup journey. They have facilitated weekly meetings to ensure the product was setup properly. They even opened support tickets for us whenever any issues popped up. - Principal Engineer (DGM)50M-1B USDSoftwareReview Source
Leveraging Hybrid SCA solutions to ensure security complicance and scalability
We are satisfied with the overall product quality which meets our current needs for SCA across multiple technologies. The vendor team has been exceptional, providing prompt customer support and a very positive experience.