We performed a comparison between GitLab and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The solution has an established roadmap that lays out its plans for upgrades over the next two to three years."
"The stability is good."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"GitLab integrates well with other platforms."
"A user-friendly solution."
"The most valuable features of GitLab are the CI/CD pipeline and code management."
"It speeds up our development, it's faster, safer, and more convenient."
"The SaaS setup is impressive, and it has DAST solutioning."
"For us, the most valuable tool was open-source licensing analysis."
"Its ease of use and good results are the most valuable."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"The overall support that we receive is pretty good."
"We can take some measures to improve things, replace a library, or update a library which was too old or showed severe bugs."
"I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. The UI is excellent, and scanning for security threats fits well into our workflow."
"WhiteSource is unique in the scanning of open-source licenses. Additionally, the vulnerabilities aspect of the solution is a benefit. We don't use WhiteSource in the whole organization, but we use it for some projects. There we receive a sense of the vulnerabilities of the open-source components, which improves our security work. The reports are automated which is useful."
"The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate."
"For as long as I have used GitLab, I haven't encountered any major limitations. However, I think that perhaps the search functionality could be better."
"Their RBAC is role-based access, which is fine but not very good."
"The tool should include a feature that helps to edit the code directly."
"I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities."
"GitLab's Windows version is not yet available, and having this would be an improvement."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"The price of GitLab could improve, it is high."
"The solution does not have many built-in functions or variables so scripting is required."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"Needs better ACL and more role definitions. This product could be used by large organisations and it definitely needs a better role/action model."
"Make the product available in a very stable way for other web browsers."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"We have been looking at how we could improve the automation to human involvement ratio from 60:40 to 70:30, or even potentially 80:20, as there is room for improvement here. We are discussing this internally and with Mend; they are very accommodating to us. We think they openly receive our feedback and do their best to implement our thoughts into the roadmap."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"I would like to have an additional compliance pack. Currently, it does not have anything for the CIS framework or the NIST framework. If we directly run a scan, and it is under the CIS framework, we can directly tell the auditor that this product is now CIS compliant."
GitLab is ranked 7th in Application Security Tools with 70 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. GitLab is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and Qualys Web Application Scanning.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.