The G2 on Mend.io

Mend.io Pros and Cons: Top Advantages and Disadvantages

Quick AI Summary Based on G2 Reviews

Generated from real user reviews

Users appreciate the ease of use of Mend.io, benefiting from its simple onboarding and attractive interface. (4 mentions)

Users value the seamless cloud integration of Mend.io, enabling effortless scanning across multiple repositories efficiently. (2 mentions)

Users highlight the responsive customer support of Mend.io, enhancing their overall experience and satisfaction. (2 mentions)

Users appreciate the easy integrations with Mend.io, streamlining security scans across multiple repositories effortlessly. (2 mentions)

Users value the seamless integration support of Mend.io, allowing efficient scanning across multiple repositories effortlessly. (2 mentions)

Users appreciate the scanning efficiency of Mend.io, enabling fast and effective scanning across multiple repositories seamlessly. (2 mentions)

Users find integration issues with on-premise tools challenging, affecting the overall experience and value for money. (2 mentions)

Users find the integration lacking and consider Mend.io to be too expensive for its current performance. (1 mentions)

Users are concerned about the false positives in Mend.io, finding it difficult to verify identified vulnerabilities. (1 mentions)

Users find the lack of proof of concept for CVEs cumbersome, making it difficult to verify vulnerabilities. (1 mentions)

Users struggle with the lack of clarity in Mend.io, making it difficult to communicate effectively with non-technical teams. (1 mentions)

Users find the poor documentation of Mend.io lacking, as new features often lack sufficient guidance and clarity. (1 mentions)

Top Pros or Advantages of Mend.io

1. Ease of Use

Users appreciate the ease of use of Mend.io, benefiting from its simple onboarding and attractive interface.

See 4 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you like about Mend.io?

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without n

Verified User

Mid-Market (51-1000 emp.)

4.5/5

"Easy to use"

What do you like about Mend.io?

Easy to use. Helpful. Support is very responsive.

2. Cloud Integration

Users value the seamless cloud integration of Mend.io, enabling effortless scanning across multiple repositories efficiently.

See 2 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you like about Mend.io?

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without n

Israel Sebastián E.

Small-Business (50 or fewer emp.)

5.0/5

"Useful tool"

What do you like about Mend.io?

Enhances the application security and it's relatively easy to use and integrate.

3. Customer Support

Users highlight the responsive customer support of Mend.io, enhancing their overall experience and satisfaction.

See 2 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

4.5/5

"Easy to use"

What do you like about Mend.io?

Easy to use. Helpful. Support is very responsive.

Verified User

Enterprise (> 1000 emp.)

3.5/5

"Mend is a key part of your development process."

What do you like about Mend.io?

It's scanning capabilities are more than useful. CSM and support teams are really helpful and reactive.

4. Easy Integrations

Users appreciate the easy integrations with Mend.io, streamlining security scans across multiple repositories effortlessly.

See 2 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you like about Mend.io?

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without n

Israel Sebastián E.

Small-Business (50 or fewer emp.)

5.0/5

"Useful tool"

What do you like about Mend.io?

Enhances the application security and it's relatively easy to use and integrate.

5. Integration Support

Users value the seamless integration support of Mend.io, allowing efficient scanning across multiple repositories effortlessly.

See 2 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you like about Mend.io?

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without n

Israel Sebastián E.

Small-Business (50 or fewer emp.)

5.0/5

"Useful tool"

What do you like about Mend.io?

Enhances the application security and it's relatively easy to use and integrate.

6. Scanning Efficiency

Users appreciate the scanning efficiency of Mend.io, enabling fast and effective scanning across multiple repositories seamlessly.

See 2 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you like about Mend.io?

I really like the ability to integrate the tooling directly into our source code repository. This allows us to scan hundreds of repositories without n

Verified User

Enterprise (> 1000 emp.)

3.5/5

"Mend is a key part of your development process."

What do you like about Mend.io?

It's scanning capabilities are more than useful. CSM and support teams are really helpful and reactive.

Top Cons or Disadvantages of Mend.io

1. Integration Issues

Users find integration issues with on-premise tools challenging, affecting the overall experience and value for money.

See 2 mentions

See Related User Reviews

Verified User

Enterprise (> 1000 emp.)

3.5/5

"Mend is a key part of your development process."

What do you dislike about Mend.io?

Its integration with on-premise tools can be challenging.

Oliver l.

Mid-Market (51-1000 emp.)

3.0/5

"good experience with mend.io"

What do you dislike about Mend.io?

not quite a good integration and is a bit too pricy.

2. Expensive

Users find the integration lacking and consider Mend.io to be too expensive for its current performance.

See 1 mentions

See Related User Reviews

Oliver l.

Mid-Market (51-1000 emp.)

3.0/5

"good experience with mend.io"

What do you dislike about Mend.io?

not quite a good integration and is a bit too pricy.

3. False Positives

Users are concerned about the false positives in Mend.io, finding it difficult to verify identified vulnerabilities.

See 1 mentions

See Related User Reviews

Verified User

Enterprise (> 1000 emp.)

4.5/5

"Mend is an excellent SCA solution. The prioritize feature saves a lot of time."

What do you dislike about Mend.io?

I miss some kind of PoC for the CVEs that mend identifies. Some times it's hard to verify if the vulnerability is a true positive

4. Insufficient Information

Users find the lack of proof of concept for CVEs cumbersome, making it difficult to verify vulnerabilities.

See 1 mentions

See Related User Reviews

Verified User

Enterprise (> 1000 emp.)

4.5/5

"Mend is an excellent SCA solution. The prioritize feature saves a lot of time."

What do you dislike about Mend.io?

I miss some kind of PoC for the CVEs that mend identifies. Some times it's hard to verify if the vulnerability is a true positive

5. Lack of Clarity

Users struggle with the lack of clarity in Mend.io, making it difficult to communicate effectively with non-technical teams.

See 1 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

4.5/5

"Easy to use"

What do you dislike about Mend.io?

Needing to report to the security team that doesn't understand software.

6. Poor Documentation

Users find the poor documentation of Mend.io lacking, as new features often lack sufficient guidance and clarity.

See 1 mentions

See Related User Reviews

Verified User

Mid-Market (51-1000 emp.)

5.0/5

"Mend has been an excellent tool, both for OSA and SAST"

What do you dislike about Mend.io?

SAST capabilities are new and still maturing. Documentation is good, but could use some improvement.

Top-Rated Alternatives

View All Alternatives

G2 reviews are authentic and verified.

Here's how.

Verified User in Information Technology and Services

Mid-Market (51-1000 emp.)

9/12/2022

"Effective and easy to use OSS scanning"

4/5

What do you like best about Mend.io?

Scanning is simple with an easy-to-use agent.

Reports are easy to read providing useful insight. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

The Mend Portal can be slow on occassion.

Some parts of the interface are not as intuitive as they could be. Review collected by and hosted on G2.com.

Verified User in Internet

Enterprise (> 1000 emp.)

9/1/2020

"modern UI"

4/5

What do you like best about Mend.io?

modern and familiar UI, easy to use and comfortable Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

structure of pages are not easy to understand Review collected by and hosted on G2.com.

Mohit P.

DevSecOps Engineer

Small-Business (50 or fewer emp.)

10/6/2022

"Good tool for SCA"

3/5

What do you like best about Mend.io?

1. Seemless integration with SCM.

2. License management for open source repositories. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

It would be great if an auto dependency resolution/management is provided for any finding. Review collected by and hosted on G2.com.

Verified User in Information Technology and Services

Small-Business (50 or fewer emp.)

4/11/2022

"Renovate is great"

5/5

What do you like best about Mend.io?

I enjoy how quickly PRs are opened so I can always have my dependencies up to date. The PRs are informative and using checkboxes for UI is much better than commands. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

There isn't much to dislike, the configuration file allows me to control pretty much every I could want to. If I had to make one complaint it's that the config file has to be in the root of the repo. It would be nice if I could hide it away in a .github directory or perhaps a .whitesource directory which could also hold my bolt config file. Review collected by and hosted on G2.com.

Verified User in Education Management

Small-Business (50 or fewer emp.)

3/31/2022

"Whitesource Fenovate is solid"

4/5

What do you like best about Mend.io?

I setup whitesource rennovate to help keep our dependencies up to date. Since doing that we have slowly but surely updated all of our dependencies without spending much developer time. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

The downside is that rennovate is a bit slow to rerun after you've made a change. For the most part it's fine but when you're getting started and have lots to update it can feel slow. Review collected by and hosted on G2.com.

Gabriel P.

Senior React Developer

Small-Business (50 or fewer emp.)

12/30/2021

"Excellent tools"

5/5

What do you like best about Mend.io?

I mostly use Renovate, and the difference between its competitors is enormous.

Monorepos updates, dependencies dashboard and its response time are what I like the most. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

Sincerely I cannot think of anything that I dislike.

The only improvement I would like is a deeper GitHub integration like they have with Dependabot, but I recognize that it's an effort from both sides. Review collected by and hosted on G2.com.

Verified User in Automotive

Mid-Market (51-1000 emp.)

12/30/2021

"Easy to use dependency management"

5/5

What do you like best about Mend.io?

We are using WhiteSource's Renovate Bot. It quickly integrates into GitHub Actions, supports private npm registries, and allows grouping of packages which is fantastic if you use TypeScript (you can set up renovate to create one PR for @types package and the related package it self). Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

Right now, there is nothing we dislike about Renovate. It does its job, provides a great developer experience, and makes updating internal core packages more effortless than ever before. Review collected by and hosted on G2.com.

Prateek C.

Software Development Engineer In Test (SDET) [Infosys]

Small-Business (50 or fewer emp.)

9/25/2021

"Great bot to keep the app vulnerability free."

5/5

What do you like best about Mend.io?

Great app to keep the app vulnerability free as you don't need to worry about upgrading tons of packages in your multiple projects anymore. It does the tedious manual job for you. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

I've been using renovate for a while now. Don't really know if there's a way to exclude a specific package from upgrading. Review collected by and hosted on G2.com.

Recommendations to others considering Mend.io:

Really easy setup. Smooth integration with git. Keeps your app vulnerability free. Just give it a try. I'm sure you'll find it useful. Review collected by and hosted on G2.com.

What problems is Mend.io solving and how is that benefiting you?

Using Renovate bot to upgrade the dependencies automatically. Biggest benifit is that it keeps the dependencies up to date which helps keeping the app vulnerability free. Review collected by and hosted on G2.com.

Sameer P.

Tech Co-Founder

Small-Business (50 or fewer emp.)

2/3/2022

"Great tools to help stay on top of the security and updates."

5/5

What do you like best about Mend.io?

I like how easy it is to get started and running. The security updates that it provide are valuable for the team and helps us move forward quickly. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

It's hard to setup with private python repo, we had to fork and then use our custom images in the docker to make the renovatebot working on private repos. Review collected by and hosted on G2.com.

Daniel N.

IT-Operations Engineer

Small-Business (50 or fewer emp.)

10/19/2021

"The overall language is amazing"

5/5

What do you like best about Mend.io?

WhiteSource finds dependency in all our configs, even in those use for pipelines like circle ci. Review collected by and hosted on G2.com.

What do you dislike about Mend.io?

There are no changelogs for Docker containers. If this information is available, it would be helpful to include it in the PRs. A focus on CVEs would also be interesting. Review collected by and hosted on G2.com.

Recommendations to others considering Mend.io:

It's easy to use and I can't think of a project that doesn't benefit from using WhiteSource software. Review collected by and hosted on G2.com.

What problems is Mend.io solving and how is that benefiting you?

We currently use the WhiteSource bot to keep our Github repos up to date. The bot helps us keep all dependencies up to date. Review collected by and hosted on G2.com.