"There are times when we receive alerts about seemingly important libraries, but then WhiteSource Prioritize will show us that our application isn’t actually using the vulnerable method.”
"We want Microsoft’s users to have access to the best industry solutions for open source management. That’s why we reached out to partner with WhiteSource. WhiteSource is a thought leader in the Rugged DevOps space and we are happy that this partnership will bring the confidence, time and money savings they deliver to their customers."
"What I like about this is that it runs in the background, and therefore doesn’t disrupt the developer's workflow. They can develop, but at the same time, as a manager, I can become aware of any potential issues, and have them resolved."
“As a big enterprise company with hundreds of developers, we wanted a way to enforce organizational policies across the board. To do that, you must use a centralized tool that you can monitor."
“Due to that project’s success, we quickly saw the added value related to the security that Mend gave us. We then did a full evaluation of Mend and upgraded to their Teams offering. Now Mend is being widely adopted by developers across the company.”
“Mend gave us a tangible list of our vulnerabilities. That list made identifying Log4j vulnerabilities easy.”
“Understanding threats and vulnerabilities are key to delivering viable products. There are many avenues that need to be assessed to have a fully mature security process. We got to the point in our evolution where open source software analysis was where we needed to focus to increase our overall maturity.”
"For us, March 31 was not an emergency. We had refined our Zero Day processes just three months before, thanks to the Log4j drill. So everyone knew what to do. We had situational awareness within just a few hours. That was key!"
“When you actually use Mend, you immediately realize how much you can reduce the burden of managing your open source components. If you’re facing a similar challenge, give Mend a try right away."
"It didn’t make sense – and was no longer possible – to do this process manually."
“We need all our open source activity to be safe. We know open source has an inherent risk – both to our IP and to our customers’ data and system stability so we take that very seriously.”
“What’s so good about Mend is that it has a very open API that allows us to integrate it into our CI/CD workflow and get results really quickly and automatically.”
"With Mend, we were able to identify every touchpoint for Java that contained the vulnerability. We have a greater than 98% degree of certainty that we caught every instance of Log4j."
"Azure DevOps is a wonderful development environment that lets our engineers produce software quickly and efficiently. Mend is also fast and efficient. So they are a good match for each other."
"It is not reasonable to expect developers to constantly be working with separate security tools. So we try to make Mend as invisible as possible. Thanks to Mend’s various integrations and automations, we have been able to accomplish this."
FeaturedCustomers has 1,804,683+ validated customer references
including reviews, case studies, success stories, customer stories,
testimonials and customer videos that will help you make better
software purchasing decisions.