We performed a comparison between Mend.io and Virsec Security Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The results and the dashboard they provide are good."
"There are multiple different integrations there. We use Mend for CI/CD that goes through Azure as well. It works seamlessly. We never have any issues with it."
"The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine."
"I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. The UI is excellent, and scanning for security threats fits well into our workflow."
"The solution is scalable."
"We set the solution up and enabled it and we had everything running pretty quickly."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"We use the solution for Zero-day protection."
"We have been looking at how we could improve the automation to human involvement ratio from 60:40 to 70:30, or even potentially 80:20, as there is room for improvement here. We are discussing this internally and with Mend; they are very accommodating to us. We think they openly receive our feedback and do their best to implement our thoughts into the roadmap."
"At times, the latency of getting items out of the findings after they're remediated is higher than it should be."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
"We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
"The only thing that I don't find support for on Mend Prioritize is C++."
"The tool's dashboard needs to load since it is not responsive and takes time to load."
Mend.io is ranked 5th in Application Security Tools with 29 reviews while Virsec Security Platform is ranked 35th in Application Security Tools with 1 review. Mend.io is rated 8.4, while Virsec Security Platform is rated 7.0. The top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". On the other hand, the top reviewer of Virsec Security Platform writes "Helps with Zero-day protection ". Mend.io is most compared with SonarQube, Black Duck, Snyk, Veracode and Checkmarx One, whereas Virsec Security Platform is most compared with CrowdStrike Falcon Cloud Security, CrowdStrike Falcon and Trend Vision One - Cloud Security.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.