Introducing G2.ai, the future of software buying.Try now
Compare Mend.io and Semgrep 
Featured Products
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Endor Labs
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
Aikido Security
Visit Website
Sponsored
You’re seeing this ad based on the product’s relevance to this page. Sponsored content does not receive preferential treatment in any of G2’s ratings.
CAST Highlight
Visit Website
At a Glance
Market Segments
Small-Business (39.0% of reviews)
Enterprise (47.2% of reviews)
Entry-Level Pricing
No pricing available
Starting at $40.00 1 contributor Per Month
Mend.io
Star Rating
(112)4.3 out of 5
Market Segments
Small-Business (39.0% of reviews)
Pros & Cons
Entry-Level Pricing
No pricing available
Learn more about Mend.ioSemgrep
Star Rating
(54)4.6 out of 5
Market Segments
Enterprise (47.2% of reviews)
Pros & Cons
Entry-Level Pricing
Starting at $40.00 1 contributor Per Month
Free Trial is available
Learn more about SemgrepSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- Users report that Mend.io excels in its Quality of Support with a score of 8.7, while Semgrep also performs well at 9.2, but reviewers mention that Mend.io's support team is particularly responsive and helpful during critical issues.
- Reviewers mention that Semgrep shines in Ease of Setup with a score of 9.6 compared to Mend.io's 8.1, indicating that users find Semgrep's installation process straightforward and user-friendly.
- G2 users highlight that Mend.io has a strong focus on Security Auditing with a score of 9.0, while Semgrep's score is not specified, suggesting that Mend.io may offer more robust features in this area, which is crucial for compliance and risk management.
- Users on G2 report that Semgrep outperforms Mend.io in Static Code Analysis with a score of 9.2 versus Mend.io's 8.2, indicating that Semgrep provides more comprehensive insights into code vulnerabilities.
- Reviewers mention that Mend.io's Risk Scoring feature, rated at 8.1, is beneficial for prioritizing vulnerabilities, but Semgrep's overall functionality in this area is not as highlighted, suggesting a potential gap in risk assessment capabilities.
- Users say that Semgrep's Documentation is particularly well-received, contributing to its ease of use with a score of 9.3, while Mend.io's documentation is rated lower, indicating that users may find it less intuitive or comprehensive.
Pricing
Entry-Level Pricing
Mend.io
No pricing availableSemgrep
Semgrep Code, Supply Chain, and Secrets Detection
Starting at $40.00
1 contributor Per Month
Extensible AppSec for growing teams. Choose from Code (SAST), Supply Chain (SCA), and Secrets Detection to eliminate noise out of the box, streamline developer workflows, and give security teams full visibility.
- Choose from SAST, SCA, and Secrets Detection
- Pro Rules and cross-file analysis
- AI Assistant
Free Trial
Mend.io
Free Trial is available
Semgrep
Free Trial is available
Ratings
Meets Requirements
8.6
81
8.8
48
Ease of Use
8.3
82
9.1
49
Ease of Setup
8.1
50
9.4
36
Ease of Admin
8.2
50
9.1
22
Quality of Support
8.7
67
8.8
43
Has the product been a good partner in doing business?
8.8
46
9.6
22
Product Direction (% positive)
8.6
75
9.2
45
Features by Category
Administration
7.6
7
9.0
18
7.7
8
8.2
17
Analysis
7.3
11
8.4
19
7.6
11
9.1
21
8.2
11
9.4
21
7.6
11
9.1
21
Testing
7.2
10
8.7
20
Feature Not Available
Feature Not Available
7.2
9
Feature Not Available
7.7
10
7.7
17
Feature Not Available
7.5
18
7.4
9
8.1
19
5.0
9
7.3
21
Agentic AI - Static Application Security Testing (SAST)
Not enough data
7.9
11
Dynamic Application Security Testing (DAST)Hide 13 FeaturesShow 13 Features
Not enough data
Not enough data
Administration
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Testing
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Administration
8.3
7
Not enough data
8.6
7
Not enough data
9.1
9
Not enough data
8.0
10
Not enough data
Monitoring
8.1
6
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Protection
7.9
8
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Feature Not Available
Not enough data
Performance
Not enough data
8.2
12
Not enough data
8.0
11
Not enough data
8.0
11
Not enough data
9.0
10
Network
Not enough data
8.5
10
Not enough data
7.8
10
Not enough data
8.0
10
Application
Not enough data
Feature Not Available
Not enough data
8.9
11
Not enough data
8.5
11
Agentic AI - Vulnerability Scanner
Not enough data
6.9
6
Not enough data
7.5
6
Functionality - Software Composition Analysis
8.5
45
8.4
18
8.5
47
8.2
18
8.6
44
8.5
18
Effectiveness - Software Composition Analysis
8.2
45
8.5
18
8.8
44
8.3
18
8.6
45
8.3
18
Documentation
Not enough data
8.9
19
Not enough data
9.3
20
Not enough data
8.2
20
Security
Not enough data
7.4
21
Not enough data
7.9
17
Not enough data
8.9
17
Functionality - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Management - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
7.7
10
Not enough data
7.6
9
Not enough data
7.7
10
Performance - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Integration - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Interactive Application Security Testing (IAST)Hide 1 FeatureShow 1 Feature
Not enough data
Not enough data
Agentic AI - Interactive Application Security Testing (IAST)
Not enough data
Not enough data
Categories
Categories
Shared Categories
Mend.io and Semgrep are categorized as Software Composition Analysis and Static Application Security Testing (SAST)
Unique Categories
Mend.io is categorized as Container Security and Software Bill of Materials (SBOM)
Reviews
Reviewers' Company Size
Mend.io
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Semgrep
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Computer Software
33.3%
Information Technology and Services
14.3%
Financial Services
6.7%
Telecommunications
4.8%
Computer & Network Security
4.8%
Other
36.2%
Information Technology and Services
24.5%
Computer Software
20.8%
Financial Services
15.1%
Manufacturing
5.7%
Semiconductors
5.7%
Other
28.3%
Discussions
What is a contributing developer?
1 Comment
Official Response from Mend.io
“Contributing Developer” means any employee or contractor who at any point (1) accesses or uses the WhiteSource product; (2) develops the code to be scanned...Read more
Do you offer an on-premise option?
1 Comment
Official Response from Mend.io
WhiteSource is a cloud-based service, but we also offer an on-premise option, if necessary. It’s important to emphasize that we do not scan your code. We...Read more
Why are you pricing per contributing developers?
1 Comment
Official Response from Mend.io
WhiteSource automates and manages open source components throughout the Software Development Life Cycle (SDLC). Therefore, pricing based on the number of...Read more
Semgrep has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
