Mend.io AppSec Platform
Mend.ioExternal reviews
109 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Bootstrapping startup that will go the extra mile for service
What do you like best about the product?
My favorite part about whitesource is that their product is modern. Unlike the competitors, whitesource software is built with modern frameworks and CI platforms in mind. They don't assume you have a server closet or that your entire office runs windows XP :)
What do you dislike about the product?
I don't really have any complaints. They are growing which means some features are still being built-out. But any time I have had a problem, whitesource has gone the extra mile to provide a work-around or solution. So it's not really a big deal.
What problems is the product solving and how is that benefiting you?
We are trying to make sure we respect all open-source contributors and authors by respecting their licenses. And Whitesource does a great job of helping us do that. Beyond that we get the added benefit of security scans and automated alerts from their system, as well as our CI.
We would eventually like to enact some policies using whitesource so that we can find and correct license issues long before production. I haven't gotten into the policy side of whitesource too much, but it seems pretty straightforward. And I know they plan to continue expanding that.
We would eventually like to enact some policies using whitesource so that we can find and correct license issues long before production. I haven't gotten into the policy side of whitesource too much, but it seems pretty straightforward. And I know they plan to continue expanding that.
Recommendations to others considering the product:
Really dig in to whether or not these companies support your stack. We wasted a lot of time looking into companies that knew very well that their software didn't even work with our tech-stack. Their plan was to get you to sign a contract and then bully you into professional services.
With whitesource, run a trial. Take a sample collection of code and scan it. Have them show you the interface and play with the demo. It is such a great experience and you'll find out right in the beginning how well they fit.
Past this, it's very easy to expect a software package like this to do all these tiny little things. But once you get into it, you realize you don't actually care about half of it. So really think about what's important to you in this process and you can save a lot of time.
Also, remember that the folks at whitesource do this for a living. So if you don't understand something, or want to know how other companies handle a certain problem... ask whitesource! They have a great level of experience and could even save you a lot of time and money guiding you to the right answer.
With whitesource, run a trial. Take a sample collection of code and scan it. Have them show you the interface and play with the demo. It is such a great experience and you'll find out right in the beginning how well they fit.
Past this, it's very easy to expect a software package like this to do all these tiny little things. But once you get into it, you realize you don't actually care about half of it. So really think about what's important to you in this process and you can save a lot of time.
Also, remember that the folks at whitesource do this for a living. So if you don't understand something, or want to know how other companies handle a certain problem... ask whitesource! They have a great level of experience and could even save you a lot of time and money guiding you to the right answer.
Great Product to identify OpenSource violations & Vulnerabilities
What do you like best about the product?
Ease of use
Ease of integration
Meaningful reports
Customer Support
Ease of integration
Meaningful reports
Customer Support
What do you dislike about the product?
Documentation: Need more documentation
Support for new file types
Support for new file types
What problems is the product solving and how is that benefiting you?
Identifying and remediating Open Source we use in the product
Fixing Vulnerabilities
Getting Compliant
Fixing Vulnerabilities
Getting Compliant
showing 111 - 112