Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”
Sign in
Sign in
or
Create a new account
English
Español
Français
日本語
한국어
About
Categories
Delivery Methods
Solutions
Resources
 Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Mend AppSec Platform

Mend.io | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

107 reviews
from G2

External reviews are not included in the AWS star rating for the product.

Sort by
Filter by

    louay n.

Better code.

  • September 26, 2022
  • Review verified by G2

What do you like best about the product?
Scanning for the vulnerabilities is always updated and the research team is doing an amazing job keeping everything up-to-date and not missing any vulnerability.
What do you dislike about the product?
I feel that the dashboard's UI can look nicer and more readable. eg better views, more modern design, easier access to products and related projects with a tree view.
What problems is the product solving and how is that benefiting you?
Security vulnerabilities, avoiding/fixing them to get a more secure product that satisfies the higher-ups and the clients together which increased the business performance

    Information Technology and Services

Effective and easy to use OSS scanning

  • September 12, 2022
  • Review verified by G2

What do you like best about the product?
Scanning is simple with an easy-to-use agent.
Reports are easy to read providing useful insight.
What do you dislike about the product?
The Mend Portal can be slow on occassion.
Some parts of the interface are not as intuitive as they could be.
What problems is the product solving and how is that benefiting you?
I have some maven based build issues. Mend Support is providing effective and swift guidance on how to solve these issues.

    Behrooz K.

Easy to use and fast for getting results

  • September 08, 2022
  • Review verified by G2

What do you like best about the product?
Very easy to set up and make it work. Also very easy to modify the set up and add or remove new repos. I really like the fact that after each merge Mend automatically creates issues associated with each problematic dependency, and those are automatically closed if the issue is resolved.
What do you dislike about the product?
So far there hasn't been any areas that I disliked. I haven't dig deep into the documentation yet, but it was not immediately clear if Mend will automatically assess PRs before merging and add any comments to them.
What problems is the product solving and how is that benefiting you?
The main area we use Mend for right now is analyzing vulnerabilities of the dependencies that we use. In our platform security is very important since we deal with sensitive customer information and their transactions data. We need to make sure the 3rd-party libraries that we use have no known vulnerabilities.

    rahul s.

Great platform and team is always working on improving the product

  • August 30, 2022
  • Review verified by G2

What do you like best about the product?
Overall I feel that Mend is a good platform and what I love most is that they are always working on continued improvements.
Moreover features like prioritize etc make it the best
What do you dislike about the product?
frankly it's a good tool. Still, if i have to list the cons,i would say .so , .a file types support should be added. Also, prioritize should include support for more and more package maangers .
What problems is the product solving and how is that benefiting you?
all our deployment compliance, license violation issues, library management, vulnerability management , in house patterns/libraries and policy violation are trusted to Mend .

    Accounting

Rocky Implementation with Reliable Vulnerability Management

  • August 26, 2022
  • Review provided by G2

What do you like best about the product?
Mend has timely support through their portal and sales rep which has been very helpful. Their newest documentation is overhauled which is a huge plus compared to their previous WhiteSource documentation. Their vulnerability management has timely alerts, a wealth of information on findings and integrations.
What do you dislike about the product?
Implementation was challenging even with technical support. We were unable to effectively get the unified agent configuration working even though we had this 5 months prior in a POC. We opted to go for Azure integration which worked easily out of the box (a plus) but is a bit limited in scope for how we handled effective vulnerabilities.

Reporting is lacking especially when using the tool as a compliance/inventory management process. Risk acceptance lasts indefinitely rather than a threshold e.g. 90 days / 360 days.
What problems is the product solving and how is that benefiting you?
We primarily use Mend for automated static code analysis of our open-source development projects. THe product solves our vulnerability management gap with open-source solutions and is used to solve as a list of approved libraries.

    Financial Services

A very promising security product and business line

  • August 25, 2022
  • Review provided by G2

What do you like best about the product?
The simplicity of scanning
The simplicity of the GUI and able to drill down into where exactly a particular library is fetched from
Ability to download reports and more meaningful reports as compared to other products (Snyk, CodeClimate)
What do you dislike about the product?
The complexity in scanning different technologies and educating developers how to scan their code and read their dashboards
Sometimes, downstream dependencies are displayed (false positives) , it is extremely hard for engineers to figure out the tree maps and fix the problematic lines of code
The "Requires Review" section is very wide and demands the review and sign off from different departments like developer+devops+Management. But the GUI does not support this in a user friendly way.
When we mark a library "in-house" or try to "whitelist it" it becomes permanently marked as such instead of allowing us to revisit it.
What problems is the product solving and how is that benefiting you?
The problem of knowing what are the OSS bundled into our source code
Developers urgently reference libraries to develop features without much focus on static application security, as admins we are able to capture those early in SDLC

    Security and Investigations

SAST SCA scanning in good budget

  • August 08, 2022
  • Review verified by G2

What do you like best about the product?
The scan results are pretty accurate and explained in a very good way. We can raise an issues on their support portal which is providing responses to our cases in a quick time.
What do you dislike about the product?
They are yet to merge their SAST and SCA portals which is important.
Their support is missing a chat feature which is important in case of urgent issues.
Documentation should be improved.
What problems is the product solving and how is that benefiting you?
Mend is scanning our source code as well as the libraries and providing us the list of vulnerabilities present in our source code or libraries where we need to improve and produce a better product.

    Meer T.

Secure your projects with Mend

  • July 25, 2022
  • Review provided by G2

What do you like best about the product?
The best thing is the security and easy to use. The mend bot offers couple of qualities to protect your projects against several security protocols warnings. It is very helpful.
What do you dislike about the product?
To be honest there's only one thing which i dislike about this great bot is limitation of free account, you will only get limited scans for free account which needs to be increased.
What problems is the product solving and how is that benefiting you?
Mend bot is very intelligent and i helped me with all dependencies and unknown random files issues and give me overall issue report to customize the threat. Very useful.

    Aditya G.

Mend : A Useful Dependency Management Tool

  • July 14, 2022
  • Review provided by G2

What do you like best about the product?
Scanning the Dependencies in the Project for Vulnerabilities is a really efficient feature. It keeps track of various dependencies across repositories and also suggests the upgraded version for dependencies to fix the Vulnerabilities. Integration with Gitlab Runners and CI/CD Pipelines has made the process seamless.
What do you dislike about the product?
It sometimes shows invalid vulnerabilities, even when the Dependency version has been upgraded.

Integration and Setup for a complex project and multiple subprojects with Gitlab Repository isn't simple and could be tedious.
What problems is the product solving and how is that benefiting you?
It's helpful in keeping track of the versions of various dependencies and libraries being used. It's really beneficial in keeping the applications secure from vulnerabilities.

    Johannes B.

Great Tool for Managing 3rd party libraries

  • June 13, 2022
  • Review verified by G2

What do you like best about the product?
Mend eases the process of keeping track of all the used 3rd party dependencies within a product. It not only scans for the pure occurrence (also transitively) but takes also care of license and vulnerabilities.
What do you dislike about the product?
In the beginning, it is a steep learning curve to configure the tool and integrate it into custom pipelines. With the help of a succeess manager, this also works out. Since the usage of renovate, we have up-to-date libraries across all our projects, but not all versions are known immediately by the dashboard.
What problems is the product solving and how is that benefiting you?
Mend helps you to track which libraries are used within a piece of software. It keeps track of the vulnerabilities and also keeps track of the license. With single clicks, you can generate the necessary license overview and ensure the vulnerability state of your application.

showing 31 - 40