We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product helps our team collaborate across different locations."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"The most valuable feature of the solution is the version control field."
"The Projects Tab, which shows you the todo list and the progress for projects, is very helpful."
"It is really simple to set up."
"GitHub is good for small companies and for personal use."
"The most important feature of GitHub is the maintainability of the versions of the code."
"The code versioning is excellent, and having a detailed log, including every change made to the code by every developer, is invaluable. It makes it so that if there is a bug or problem in the product channel, we can find exactly where it happened and how to fix it."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine."
"The vulnerability analysis is the best aspect of the solution."
"The solution is scalable."
"The inventory management as well as the ability to identify security vulnerabilities has been the most valuable for our business."
"The results and the dashboard they provide are good."
"The dashboard view and the management view are most valuable."
"GitHub could add more security features. I am not sure how secure it is. If they provide more security features, then it can be used in more official applications."
"It would be good if there were training materials for junior developers."
"If you are uploading or cloning a large file, with more than 25 megs, it's pretty slow."
"Our firewall was blocking cloning and downloading with SSH."
"There can be conflict issues when two developers work on the same file or line of code, and it would be great to see that improved, possibly with an AI solution."
"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"The only thing I see missing in GitHub is that it isn't very user friendly for key personnel who don't have in-depth, technical knowledge. In Jira, there are many functions to upload our test cases, and in GitHub we can only do it manually. There are functions which can be used to upload different files, but that still requires some technical knowledge. A layman cannot do it."
"This solution could be improved by offering crowd sourced support where we could ask questions to other users."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"Mend supports most of the common package managers, but it doesn't support some that we use. I would appreciate it if they can quickly make these changes to add new package managers when necessary."
"The initial setup could be simplified."
"They're working on a UI refresh. That's probably been one of the pain points for us as it feels like a really old application."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"The solution lacks the code snippet part."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"I would like to have an additional compliance pack. Currently, it does not have anything for the CIS framework or the NIST framework. If we directly run a scan, and it is under the CIS framework, we can directly tell the auditor that this product is now CIS compliant."
GitHub is ranked 12th in Application Security Tools with 71 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket and Fortify on Demand, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Veracode and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.