# Mend Reviews 2026. Verified Reviews, Pros & Cons | Capterra

> Is Mend the right Application Development solution for you? Explore 8 verified user reviews from people in industries like yours to make a confident choice.

Source: https://www.capterra.com/p/146730/WhiteSource/reviews

---

Mend

4.4 (8)


Provider data verified by our Software Research team, and reviews moderated by our Reviews Verification team. [Learn more](https://www.capterra.com/our-story/)

* * *

Last updated March 13th, 2026

# Reviews of Mend

Ease of use: 4.2

Customer Service: 4.3

## Showing most helpful reviews

Showing 1-8 of 8 Reviews


Mo F.  
Lead DevOps Engineer  
Legal Services  
Used the software for: 2+ years

### "Good supplement to other SAST tools for "shift left" security."

December 7, 2022

4.0

Pros

Easy integration with Azure DevOps and Mend for GitHub and the fact that you can run as a task during the pipeline but you don't have to see the output from a CLI since they provide a tab on the pipeline run to see a good report on used libraries and vulnerabilities.

Cons

Other tools have auto fixing which is not a need but good to have. Auto-fixing is not always "auto" and might need review which doesn't make it a big con.

Alternatives considered

[GitHub](https://www.capterra.com/p/129067/GitHub/), [SonarQube](https://www.capterra.com/p/210481/SonarQube/), [Snyk](https://www.capterra.com/p/172252/Snyk/), [GitLab](https://www.capterra.com/p/159806/GitLab/), [Microsoft Defender for Cloud Apps](https://www.capterra.com/p/227615/Microsoft-Cloud-App-Security/)


Sonal M.  
Product Security Architect  
Logistics and Supply Chain  
Used the software for: 2+ years

### "Best Unified solution for SCA, SAST & Container on the market."

June 25, 2025

5.0

Overall a good experience working with WhiteSource team, even their Technical Accounts Manager (TAM) was able to troubleshoot issues on the call. It's better to keep a bi-weekly cadence with them as they do provide a hands-on approach to issues raised and help us in resolving any integration problems.

Pros

Best Open Source analysis with their In-house and other multiple sources of software vulnerabilities giving you value for money for your subscription. Also one of the few companies in the market which will give you license & policy violations alert as well. Pipeline integration of this tool is greatly helpful for the software which is shipped out securely & safely.

Cons

Mend SAST tool gives remediation as a general one or two liners, they are pointing as to where the issue is present, but also need to provide detailed fix for SAST issues.

Alternatives considered

[Snyk](https://www.capterra.com/p/172252/Snyk/)

Reason for choosing Mend

Value for money and results were superior to their peers.


Don T.  
VP Software Development  
  
Used the software for: Less than 6 months

### "Tons of false positives, prepare to spend hours fixing it manually"

June 7, 2018

2.0

After much manual configuration, a nicely formatted output that looks reputable. I could have just made my own in Excel a lot faster.

Pros

Fast, quick reviews of your code. They do a good job of putting all the relevant reports and dashboards in front of you quickly. Once you manually fix everything, it can look really good.

Cons

The false positives are awful. I had to spend hours and hours manually fixing everything it mis-identified - dozens of libraries and thousands of source files. If you use a library not in its database... too bad. You can make a support request and wait for them to enter it for you, whenever they get around to it. The search is pretty awful. There is some kind of syntax to using it but when I asked our account rep, she couldn't give me any documentation on it. You will frequently see results like "openssl-v0\_9\_8" in your search, but if you type "openssl" it will vanish and not come up. Don't ever bother trying to search for a version, it doesn't work. This results in a lot of time scrolling through very large lists. Naming schemes are random and follow no established pattern. For a good half of all libraries, they have not assigned a license. Guess who gets to go Google search them all? You, the user! Isn't the point of this tool to help me identify the licensing? UI navigation is challenging. Back button will take you to a different place than you were almost every time. You'll love the dashboard... because you have to go back to it roughly every 5 minutes and start over. No great system for notes/todos/reminders. When you have to fix 60 libraries, it's hard to remember what you want to do with each one.


Elyes C.  
Application Security Engineer  
Information Technology and Services  
Used the software for: 6-12 months

### "WhiteSource Review"

December 7, 2021

5.0

Pros

WhiteSource gives you the ability to scan open source packages within your source code. The ability to integrate it with Azure pipelines is a huge plus.

Cons

Duplicated result for same packages and within the same project


Udi M.  
System Architect & FOSS Evaluator  
  
Used the software for:

### "FOSS lifecycle management with Whitesource"

November 10, 2015

5.0

Using Whitesource to manage the process of analysing FOSS for a large product with hundreds of open source dependencies. Makes life much easier and helps you cover all dependencies much more accurately. Some processes are still a bit coarse (though improved dramatically over the past 18 months). Refresh performance might be a bit slow when there are very large dependency lists. Best product out there for FOSS lifecycle management.


John McIntire  
  
  
Used the software for:

### "Easy to use. Saves tons of time."

May 28, 2013

5.0

We used to document it all manually. Now it's done easily and effectively. Not to mention that we missed many things, so with this we were able to fix some small issues before they become big issues....

Pros

Easy, inexpensive, very comprehensive, no more hassle.


shaul S.  
SW director  
  
Used the software for:

### "work with it for a long time still place to improve."

November 10, 2015

4.0

It aggregates my licenses in one centralized place. The software helps me to generate the reports for many requests that I have inside my organization. It also helps me to identify the changes between versions and compare them.


Alice Akins  
  
  
Used the software for:

### "License Management in the cloud"

September 17, 2012

5.0

I use the free cloud-based service of White Source and it is pretty well done. Things get done quickly and easily and the software helps me to track open source licences. There is nothing to complain about it!
