Mend.io Pros and Cons

Enhances the application security and it's relatively easy to use and integrate. Review collected by and hosted on G2.com.

it might be helpful to separate pricing for each product Review collected by and hosted on G2.com.

an easy-to-use and helpful tool for checking auto-updates and dependencies. Review collected by and hosted on G2.com.

not quite a good integration and is a bit too pricy. Review collected by and hosted on G2.com.

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without needing to configure each of them separately. Onboarding is simple and the updated user interface is attractive and easy to use. Review collected by and hosted on G2.com.

SAST capabilities are new and still maturing. Documentation is good, but could use some improvement. Review collected by and hosted on G2.com.

The most helpful feature in Mend.io is the Prioritize feature. It is a fast scan that checks if a vulnerability is reacheable by your code. So you can fix the vulnerabilities that trully affects your application Review collected by and hosted on G2.com.

I miss some kind of PoC for the CVEs that mend identifies. Some times it's hard to verify if the vulnerability is a true positive Review collected by and hosted on G2.com.

One of the strengths of Mend.io lies in the simplicity of integrating their unified agent into our Continuous Integration pipeline. This streamlined process, with its commendable support system and verbose documentation, has reduced setup times. We're now efficiently detecting open-source license violations. Coupled with the integration with JIRA, it ensures that open vulnerabilities are promptly and systematically recorded, streamlining our response and tracking processes. Review collected by and hosted on G2.com.

While the platform functions efficiently, there's scope for modernising the user interface. It would be beneficial to see Mend.io adopt a more contemporary design. However, it's worth noting that this aesthetic aspect doesn't detract from the product's overall usability. Review collected by and hosted on G2.com.

Easy to use. Helpful. Support is very responsive. Review collected by and hosted on G2.com.

Needing to report to the security team that doesn't understand software. Review collected by and hosted on G2.com.

It's scanning capabilities are more than useful. CSM and support teams are really helpful and reactive. Review collected by and hosted on G2.com.

Its integration with on-premise tools can be challenging. Review collected by and hosted on G2.com.

It is easy to navigate and to find vulnerabilities and violations. Review collected by and hosted on G2.com.

I know there is a newer version coming, but it could have a bit more functionality. Review collected by and hosted on G2.com.

Mend is one of the good tool and we can use the tool SCA, SAST and container scans and results are good compared to other tools Review collected by and hosted on G2.com.

More false positives, difficult intagration, lot of issue in scanner updations and configuration Review collected by and hosted on G2.com.

Mend has several strengths. First, the company behind it is relatively transparent, helpful, and straightforward. I appreciated that they didn't oversell the product the way several competitors did. The software integrates nicely with Microsoft development tools. Customer support is good and responsive as well. Review collected by and hosted on G2.com.

This isn't really a knock, but as a point in time, they are integrating the SCA and the, I think, acquired SAST solutions together into a common platform. Obviously, that's a large effort, and once that is done, it will be even better. Review collected by and hosted on G2.com.