We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There are no issues. It's simple, easy, and fully compatible from my perspective with Git."
"The solution can scale."
"We've found the technical support to be very helpful."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"GitHub's source code management is top-notch. It's easy to inspect changes and visualize code and differences. Their action system is comprehensive in terms of making changes and automation."
"We use GitHub as a repository."
"GitHub is convenient and easy to use."
"GitHub is pure or open-source; you can access it anywhere. You can have a lot of collateral information. You can make the changes and do the reviews from one place."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"The overall support that we receive is pretty good. "
"Enables scanning/collecting third-party libraries and classifying license types. In this way we ensure our third-party software policy is followed."
"The solution is scalable."
"There are multiple different integrations there. We use Mend for CI/CD that goes through Azure as well. It works seamlessly. We never have any issues with it."
"The inventory management as well as the ability to identify security vulnerabilities has been the most valuable for our business."
"For us, the most valuable tool was open-source licensing analysis."
"The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate."
"It would be better if the amount of storage were increased."
"The development team pushes the code into a repository, and the CI/CD pipeline will perform the build. We need open-source libraries to perform the builds. It would be helpful to have the ability to link to open-source libraries like npm libraries. I don't know if GitHub Actions provides this. I would like to see that in GitHub Actions if they don't."
"If you are uploading or cloning a large file, with more than 25 megs, it's pretty slow."
"It would be useful to have tutorial videos within the GitHub dashboard."
"GitHub could add some more security features."
"If it had all of the end-to-end integration, then we probably wouldn't have any doubts about what we have installed. However, at this point, we're still trying to figure out how to use it end-to-end."
"GitHub uses basic configuration, but messaging is not clear."
"The solution could have better support for the Markdown language."
"At times, the latency of getting items out of the findings after they're remediated is higher than it should be."
"I would like to see the static analysis included with the open-source version."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"WhiteSource Prioritize should be expanded to cover more than Java and JavaScript."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
"It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding."
"WhiteSource only produces a report, which is nice to look at. However, you have to check that report every week, to see if something was found that you don't want. It would be great if the build that's generating a report would fail if it finds a very important vulnerability, for instance."
"The initial setup could be simplified."
GitHub is ranked 13th in Application Security Tools with 64 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Fortify on Demand, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Veracode and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.