We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."GitHub is pure or open-source; you can access it anywhere. You can have a lot of collateral information. You can make the changes and do the reviews from one place."
"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use."
"Even if I'm not in the office, I can access and work on my code from anywhere with my account credentials."
"GitHub is convenient and easy to use."
"The control is the most valuable feature as developers can work on a single code."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"GitHub allows us the option to push files from a non-UA method or directly upload files from the UA. You can integrate GitHub with Jenkins to do CI/CD."
"Complication free with good ability for third-party integrations."
"For us, the most valuable tool was open-source licensing analysis."
"The overall support that we receive is pretty good. "
"There are multiple different integrations there. We use Mend for CI/CD that goes through Azure as well. It works seamlessly. We never have any issues with it."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar)."
"The solution is scalable."
"WhiteSource is unique in the scanning of open-source licenses. Additionally, the vulnerabilities aspect of the solution is a benefit. We don't use WhiteSource in the whole organization, but we use it for some projects. There we receive a sense of the vulnerabilities of the open-source components, which improves our security work. The reports are automated which is useful."
"It is difficult to merge a code or restore it to an older version."
"The ticketing system is not working."
"GitHub could have better integration or capability with other solutions."
"The GitHub repository needs an upgraded user interface and overall UI improvements."
"GitHub storage is one of the main requirements and it could improve."
"The only thing I see missing in GitHub is that it isn't very user friendly for key personnel who don't have in-depth, technical knowledge. In Jira, there are many functions to upload our test cases, and in GitHub we can only do it manually. There are functions which can be used to upload different files, but that still requires some technical knowledge. A layman cannot do it."
"I would like to see more security where a plugin was available for us to update in relation to security."
"The UI is a little outdated, so that could be improved."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"The initial setup could be simplified."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
"WhiteSource needs improvement in the scanning of the containers and images with distinguishing the layers."
"I would like to see the static analysis included with the open-source version."
"The only thing that I don't find support for on Mend Prioritize is C++."
"Make the product available in a very stable way for other web browsers."
GitHub is ranked 12th in Application Security Tools with 64 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket and Atlassian SourceTree, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Veracode and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.