We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use GitHub instead of our regular shared drive. It offers instant access to shared folders as well as good security."
"The Projects Tab, which shows you the todo list and the progress for projects, is very helpful."
"Even if I'm not in the office, I can access and work on my code from anywhere with my account credentials."
"The most valuable features are GitHub are the standard features, they are very useful."
"GitHub's merging feature is much better than that of other products because merging is done daily."
"The most valuable feature is help offered by the community for open-source projects."
"GitHub is pure or open-source; you can access it anywhere. You can have a lot of collateral information. You can make the changes and do the reviews from one place."
"The initial setup was easy."
"We set the solution up and enabled it and we had everything running pretty quickly."
"There are multiple different integrations there. We use Mend for CI/CD that goes through Azure as well. It works seamlessly. We never have any issues with it."
"WhiteSource helped reduce our mean time to resolution since the adoption of the product."
"What is very nice is that the product is very easy to set up. When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. It's really convenient to have Mend scanning your products in less than one hour."
"The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine."
"The inventory management as well as the ability to identify security vulnerabilities has been the most valuable for our business."
"With the fix suggestions feature, not only do you get the specific trace back to where the vulnerability is within your code, but you also get fix suggestions."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"GitHub could expand the limits of the free version."
"The stability can be improved."
"As of now, if I would like to learn about GitHub or its features, I would have to look on YouTube. It would be nice if they were able to send out a newsletter with explanations of new features that they are offering and what features are available."
"The solution could have better support for the Markdown language."
"The support team needs to have a well-defined SLA model since it is an area where the tool currently has some shortcomings."
"In complex cases, we have to use the terminal for conflict resolution. If those conflicts could be resolved visually in the editor, that would be much better."
"Github needs more storage."
"It would be better if the amount of storage were increased."
"WhiteSource only produces a report, which is nice to look at. However, you have to check that report every week, to see if something was found that you don't want. It would be great if the build that's generating a report would fail if it finds a very important vulnerability, for instance."
"It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding."
"The only thing that I don't find support for on Mend Prioritize is C++."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"Mend lets you create custom policies. They're not too complicated to set up, but it would be helpful if they had some preconfigured policies to match what we have in Azure DevOps. That would save us a lot of time. It's tedious to configure the policies manually, and I lack the capacity to do it right now. Other products have preconfigured packs and templates, and Mend doesn't."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"Make the product available in a very stable way for other web browsers."
GitHub is ranked 9th in Application Security Tools with 74 reviews while Mend.io is ranked 13th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Fortify on Demand, Bitbucket and Atlassian SourceTree, whereas Mend.io is most compared with SonarQube, Black Duck, Veracode, Snyk and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.