Mend.io and GitLab are both prominent in software development management, with GitLab leading in features while Mend.io stands out for pricing and support.
Features: Mend.io offers strong security and compliance, making it attractive to teams prioritizing software safety. GitLab focuses on comprehensive DevOps integration, continuous deployment, and a unified development workflow.
Room for Improvement: Mend.io could benefit from better integration with third-party tools to enhance workflow flexibility. GitLab is encouraged to address resource consumption and performance issues at scale. Each tool targets different areas based on user needs and priorities.
Ease of Deployment and Customer Service: Mend.io is favored for easy deployment, suitable for smaller teams or projects with limited resources, and is praised for its responsive support. GitLab offers extensive customization resources with more complex deployment while providing detailed documentation for self-guidance.
Pricing and ROI: Mend.io is recognized for competitive pricing and quick setup for cost-effective returns on investment. GitLab, despite being more expensive, provides significant ROI through a comprehensive feature set facilitating efficient project management and development.
We have saved time significantly, reducing deployment time from four hours to five minutes per deployment.
Migrating to GitLab is bringing time-saving benefits, and everything is easier to automate.
Mend.io has provided a good return on investment by significantly reducing vulnerabilities.
I have had meetings where they taught me, explained things, and provided guidance for starting from scratch.
I have interacted with architects for some advice during the implementation, and they were prompt in their response.
We have rarely needed to escalate issues to technical support since GitLab usually runs seamlessly.
They prioritize providing the best experience to large organizations like ours, belonging to the Fortune 100.
It has all the features required for our coding and deployment needs, which makes it scalable to our changing requirements.
We're transitioning to OpenShift for future scalability with increased user numbers.
I have not encountered any performance or stability issues with GitLab so far.
AI integration in code security tools like Mend.io is still in its early stages and relatively immature.
It would be beneficial to have a user-friendly interface for setting up these configurations, instead of just writing YAML files.
GitLab can improve its user interface to make conflict resolution more user-friendly.
The UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
The organization decided to consolidate tools and chose Snyk since it provides multiple functionalities in one solution.
The price is high, and it limits user accessibility.
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
Even when working in other small organizations, we opted for GitLab as it was cost-efficient.
The cost of Mend.io is competitive, being quite low compared to others.
The Ultimate version offers enhanced features for security scanning through DAST and SAST analysis, which have greatly benefitted our project workflow.
As we implement automated testing and DevSecOps, it speeds up the process by forty to sixty percent.
The feature I appreciate the most about GitLab is its ease of use and compatibility, which allows for straightforward building and deployment processes.
We find it 100% accurate in detecting vulnerabilities.
GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster.
It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring.
With GitLab, teams can streamline their workflows, automate processes, and improve productivity.
Mend.io is a software composition analysis tool that secures what developers create. The solution provides an automated reduction of the software attack surface, reduces developer burdens, and accelerates app delivery. Mend.io provides open-source analysis with its in-house and other multiple sources of software vulnerabilities. In addition, the solution offers license and policy violation alerts, has great pipeline integration, and, since it is a SaaS (software as a service), it doesn’t require you to physically maintain servers or data centers for any implementation. Not only does Mend.io reduce enterprise application security risk, it also helps developers meet deadlines faster.
Mend.io Features
Mend.io has many valuable key features. Some of the most useful ones include:
Mend.io Benefits
There are many benefits to implementing Mend.io. Some of the biggest advantages the solution offers include:
Reviews from Real Users
Below are some reviews and helpful feedback written by PeerSpot users currently using the Mend.io solution.
Jeffrey H., System Manager of Cloud Engineering at Common Spirit, says, “Finding vulnerabilities is pretty easy. Mend.io (formerly WhiteSource) does a great job of that and we had quite a few when we first put this in place. Mend.io does a very good job of finding the open-source, checking the versions, and making sure they're secure. They notify us of critical high, medium, and low impacts, and if anything is wrong. We find the product very easy to use and we use it as a core part of our strategy for scanning product code moving toward release.”
PeerSpot reviewer Ben D., Head of Software Engineering at a legal firm, mentions, “The way WhiteSource scans the code is great. It’s easy to identify and remediate open source vulnerabilities using this solution. WhiteSource helped reduce our mean time to resolution since we adopted the product. In terms of integration, it's pretty easy.”
An IT Service Manager at a wholesaler/distributor comments, “Mend.io provides threat detection and an excellent UI in a highly stable solution, with outstanding technical support.”
Another reviewer, Kevin D., Intramural OfficialIntramural at Northeastern University, states, "The vulnerability analysis is the best aspect of the solution."
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
