We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find the most valuable collaboration between our peers to be a seamless collaboration between our peers. We can connect and change our code, allowing us to be agile in our projects. Since we're talking about DevOps, we're using Jenkins in our pipeline. It helps speed up the process by automating the DevOps workflow."
"The flexibility of this solution has been most valuable. It operates on a pay per use basis where you can ramp up or decrease usage."
"It's beneficial for managing multiple tasks and controlling versions of your product."
"GitHub is good for small companies and for personal use."
"The most valuable aspects of GitHub are version control and parallel development. I also appreciate the forking part, which allows us to release a specific set of features to the environment."
"We've found the technical support to be very helpful."
"GitHub have a built-in software application development environment and this has been most useful."
"The code sharing and updated history are valuable features."
"The overall support that we receive is pretty good. "
"WhiteSource is unique in the scanning of open-source licenses. Additionally, the vulnerabilities aspect of the solution is a benefit. We don't use WhiteSource in the whole organization, but we use it for some projects. There we receive a sense of the vulnerabilities of the open-source components, which improves our security work. The reports are automated which is useful."
"The vulnerability analysis is the best aspect of the solution."
"What is very nice is that the product is very easy to set up. When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. It's really convenient to have Mend scanning your products in less than one hour."
"Enables scanning/collecting third-party libraries and classifying license types. In this way we ensure our third-party software policy is followed."
"The results and the dashboard they provide are good."
"The inventory management as well as the ability to identify security vulnerabilities has been the most valuable for our business."
"For us, the most valuable tool was open-source licensing analysis."
"GitHub could add some more security features."
"The solution can improve by adding video guides, official guides, or short courses that cater to beginners who are new to the system. These resources could offer step-by-step guidance on how to use GitHub, including common procedures such as pulling and committing. Currently, many of us have to resort to searching for information on how to do these tasks via Google. An official guide provided by GitHub itself would be a valuable asset to newcomers and would save them time and effort."
"I would like to see integration with Slack such that all of the changes made in GitHub are reflected there."
"I would like a more graphical, user-friendly UI, to avoid writing so much code on cmd."
"Could be more user friendly."
"The storage for this solution could be improved."
"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"GitHub's issue management could be improved a little from an organization standpoint. It would be helpful to have the ability to organize a work board or a backlog more comprehensively. For organizations migrating to GitHub from arbitrary systems, it's a little bit of a headache to move on to that system."
"The UI is not that friendly and you need to learn how to navigate easily."
"The dashboard UI and UX are problematic."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"Mend supports most of the common package managers, but it doesn't support some that we use. I would appreciate it if they can quickly make these changes to add new package managers when necessary."
"The initial setup could be simplified."
"At times, the latency of getting items out of the findings after they're remediated is higher than it should be."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"I would like to have an additional compliance pack. Currently, it does not have anything for the CIS framework or the NIST framework. If we directly run a scan, and it is under the CIS framework, we can directly tell the auditor that this product is now CIS compliant."
GitHub is ranked 9th in Application Security Tools with 74 reviews while Mend.io is ranked 13th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Fortify on Demand, Bitbucket and Atlassian SourceTree, whereas Mend.io is most compared with SonarQube, Black Duck, Veracode, Snyk and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.