We performed a comparison between GitHub and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The code sharing and updated history are valuable features."
"I would rate the stability a ten out of ten."
"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use."
"You can write the code with AI. But when it comes to implementation, you must upgrade the bits of code that will support this and generate solutions based on that architecture. Then, you need comparable code bits. Therefore, AI can propose how much a specific function can be better optimized. So, AI can help stakeholders reach tasks quicker."
"The most valuable features are GitHub are the standard features, they are very useful."
"During our use of GitHub, we have not encountered any problems and GitHub adds new features frequently."
"I have found GitHub stable."
"If you want to share documents, you can create articles and diagrams with GitHub and share."
"The license management of WhiteSource was at a good level. As compared to other tools that I have used, its functionality for the licenses for the code libraries was quite good. Its UI was also fine."
"The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar)."
"The overall support that we receive is pretty good. "
"It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"We use a lot of open sources with a variety of containers, and the different open sources come with different licenses. Some come with dual licenses, some are risky and some are not. All our three use cases are equally important to us and we found WhiteSource handles them decently."
"We set the solution up and enabled it and we had everything running pretty quickly."
"WhiteSource is unique in the scanning of open-source licenses. Additionally, the vulnerabilities aspect of the solution is a benefit. We don't use WhiteSource in the whole organization, but we use it for some projects. There we receive a sense of the vulnerabilities of the open-source components, which improves our security work. The reports are automated which is useful."
"There is room for improvement in terms of interface."
"GitHub could add more security features. I am not sure how secure it is. If they provide more security features, then it can be used in more official applications."
"The project management sector really needs some improvement for GitHub. I don't know if GitHub made sense for me as a project manager."
"We face issues with synchronization while working with teams."
"We would like this solution to have a more user-friendly interface."
"GitHub could improve by being more user-friendly."
"I would like to see integration with Slack such that all of the changes made in GitHub are reflected there."
"I decided not to use GitHub but developed my tool because I found it more efficient. I'm familiar with my tools, making them easier to use. I like being able to customize them to fit my workflow and the way I think.. Software development is like a personal workshop, and I tailor my version control to match my approach."
"The UI is not that friendly and you need to learn how to navigate easily."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"Make the product available in a very stable way for other web browsers."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"The initial setup could be simplified."
"WhiteSource needs improvement in the scanning of the containers and images with distinguishing the layers."
"We have been looking at how we could improve the automation to human involvement ratio from 60:40 to 70:30, or even potentially 80:20, as there is room for improvement here. We are discussing this internally and with Mend; they are very accommodating to us. We think they openly receive our feedback and do their best to implement our thoughts into the roadmap."
"We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running."
GitHub is ranked 9th in Application Security Tools with 74 reviews while Mend.io is ranked 13th in Application Security Tools with 29 reviews. GitHub is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitHub is most compared with Snyk, AWS CodeCommit, Fortify on Demand, Bitbucket and Atlassian SourceTree, whereas Mend.io is most compared with SonarQube, Black Duck, Veracode, Snyk and Checkmarx One. See our GitHub vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.