We performed a comparison between CodeSentry and Mend.io based on real PeerSpot user reviews.
Find out what your peers are saying about Synopsys, Snyk, Veracode and others in Software Composition Analysis (SCA)."The product's most valuable feature is the CWE ratio."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"Its ease of use and good results are the most valuable."
"I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. The UI is excellent, and scanning for security threats fits well into our workflow."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"The solution is scalable."
"We can take some measures to improve things, replace a library, or update a library which was too old or showed severe bugs."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"The product's installation speed needs improvement. It should be less than 30 to 45 minutes."
"The solution lacks the code snippet part."
"It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding."
"WhiteSource Prioritize should be expanded to cover more than Java and JavaScript."
"The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"They're working on a UI refresh. That's probably been one of the pain points for us as it feels like a really old application."
"We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running."
CodeSentry is ranked 15th in Software Composition Analysis (SCA) with 1 review while Mend.io is ranked 4th in Software Composition Analysis (SCA) with 29 reviews. CodeSentry is rated 8.0, while Mend.io is rated 8.4. The top reviewer of CodeSentry writes "Easy-to-install with efficient vulnerability detection features". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". CodeSentry is most compared with , whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and Veracode.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.