No more typing reviews! Try our Samantha, our new voice AI agent.

DoveRunner Mobile Application Security vs Mend.io comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 18, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

DoveRunner Mobile Applicati...
Ranking in Application Security Tools
31st
Average Rating
7.6
Reviews Sentiment
2.9
Number of Reviews
2
Ranking in other categories
No ranking in other categories
Mend.io
Ranking in Application Security Tools
9th
Average Rating
8.4
Reviews Sentiment
7.0
Number of Reviews
34
Ranking in other categories
Software Composition Analysis (SCA) (5th), Static Code Analysis (4th), Software Supply Chain Security (1st)
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of DoveRunner Mobile Application Security is 0.3%, up from 0.0% compared to the previous year. The mindshare of Mend.io is 2.5%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Mend.io2.5%
DoveRunner Mobile Application Security0.3%
Other97.2%
Application Security Tools
 

Featured Reviews

Vikas Kejriwal - PeerSpot reviewer
Engineering Manager at a comms service provider with 11-50 employees
Protection has secured our mobile algorithms and now testing guidelines need improvement
The best features DoveRunner Mobile Application Security offers include its simple integration, which is basically a pipeline, making it a plug-and-play type of approach that automatically takes care of all the heavy work. Regarding how the automatic protection works, I appreciate the simplicity of this particular SDK, as I just need to integrate it using Xcode directly and use CocoaPods to install it in applications, which simplifies the security layers along with all the signing and submission of the application to the App Store. DoveRunner Mobile Application Security has positively impacted my organization so far by alleviating a constant fear that our proprietary algorithms or shaders might be leaked, which could affect our application's revenue, and we are optimistic about achieving secure integration after launching in production.
meetharoon - PeerSpot reviewer
CEO at a computer software company with 10,001+ employees
Centralized security monitoring has reduced false positives and improves dependency governance
The only area for improvement I would say is that the false positives are nearly zero; everything is mostly like 99 to 99.99% or we can say 100% accurate. There were a few areas for improvement just from the last time I saw; I think the user experience had a little problem. We wanted to have certain reports based on our kind of scenario, but the tool did not allow us to create custom reports. We had asked for some facility and some ability for us to create some custom reports. That would be awesome if they allow us to create custom reports the way we wanted. There is one small area which I don't know whether we should call a tool limitation or a wish list; if I use a library and I don't use all the capabilities of the library but only a portion of it and that portion is not vulnerable, but there is a component which is outdated, that is a problem, even though I don't use that component. Mend.io will discover there is a problem in the whole library; that is correct. That's a valid discovery, but in my case, for example, if I don't use that particular portion, then it actually is not making sense for me, but that's not a limitation of Mend.io; I think that's a general problem with any tool in the market because no tool in the market will actually know what portion of the code I'm actually using from that particular library if it is vulnerable or not.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"After exploring DoveRunner Mobile Application Security, I can say that you are getting everything on a single platform."
"DoveRunner Mobile Application Security has positively impacted my organization so far by alleviating a constant fear that our proprietary algorithms or shaders might be leaked, which could affect our application's revenue, and we are optimistic about achieving secure integration after launching in production."
"The home dashboard itself gives a very good analysis for Mend.io; this is not just for SCA, it is for SAST and container as well, and it gives entire analytics of how many vulnerabilities were found, how much was updated, and how much was fixed over the last three, six, and nine months."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"Its ease of use and good results are the most valuable."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"We can take some measures to improve things, replace a library, or update a library which was too old or showed severe bugs."
"The overall support that we receive is pretty good. ​"
"It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions."
"WhiteSource is very easy to run and use, and it reduced significantly the time our developers used to spend on issues in open-source libraries."
 

Cons

"I think improved guidelines could be added regarding testing on the security aspect."
"As I am in the exploration phase of DoveRunner Mobile Application Security, I chose a rating of eight."
"The initial setup was of an intermediate complexity; it was neither complex nor straightforward and could have been easier."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
"Up until now, we were convinced that the return of investment was not really the case."
"It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding."
"The only thing that I don't find support for on Mend Prioritize is C++, which they'll be working on since the product is under development."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"WhiteSource is working on a UI refresh. That's probably been one of the pain points for us as it feels like a really old application."
"We have ended our relationship with WhiteSource. We were using an agent that we built in the pipeline so that you can scan the projects during build time. But unfortunately, that agent didn't work at all. We have more than 500 projects, and it doubled or tripled the build time. For other projects, we had the failure of the builds without any known reason. It was not usable at all. We spent maybe one year working on the issues to try to make it work, but it didn't in the end. We should be able to integrate it with ID and Shift Left so that the developers are able to see the scan results without waiting for the build to fail."
 

Pricing and Cost Advice

Information not available
"WhiteSource is much more affordable than Veracode."
"Over the last two years, they have tried to add more and more features to their license packages, but the price is a little bit high, comparatively."
"This is an expensive solution."
"We are paying a lot of money to use WhiteSource. In our company, it is not easy to argue that it is worth the price. ​"
"Its pricing model is per developer. It depends on the number of developers in the company. The license is for a minimum of 20 developers. So, even if you are a small startup with less than 10 developers, you have to buy a license for 20 developers on a yearly subscription, which makes it quite expensive for startup customers. I provide consultation to startup accelerators. They're small at the beginning, and only once they grow to 20 developers, they can afford this tool. As a result, WhiteSource is missing this target audience. Their licensing is not flexible."
"It is fairly priced."
"Mend is costly but not overly expensive. The license was quite expensive this year, but we managed to negotiate the price down to the same as last year. At the same time, it's a good value. We're getting what we're paying for and still not using all the features. We could probably get more out of the tool and make it more valuable. At the moment, we don't have the capacity to do that."
"Pricing and licensing are comparable to other tools. When we started, it was less than our existing solution. I can't go into specifics, but it isn't cheap."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
14%
Computer Software Company
12%
Manufacturing Company
12%
Construction Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise3
Large Enterprise21
 

Questions from the Community

What needs improvement with DoveRunner Mobile Application Security?
As I am in the exploration phase of DoveRunner Mobile Application Security, I chose a rating of eight. Until I receive confirmation of performance in production, I cannot say it deserves a perfect ...
What is your primary use case for DoveRunner Mobile Application Security?
I started exploring DoveRunner Mobile Application Security for my mobile application. I am from the mobile domain, specifically building QSR applications. Nowadays, we are facing issues where peopl...
What advice do you have for others considering DoveRunner Mobile Application Security?
I recommend DoveRunner Mobile Application Security. As I am in the exploration phase, my recommendation is based on what I have seen so far. If you want a complete package where you can secure your...
How does WhiteSource compare with SonarQube?
Red Hat Ceph does well in simplifying storage integration by replacing the need for numerous storage solutions. This solution allows for multiple copies of replicated and coded pools to be kept, ea...
How does WhiteSource compare with Black Duck?
We researched Black Duck but ultimately chose WhiteSource when looking for an application security tool. WhiteSource is a software solution that enables agile open source security and license compl...
What is your experience regarding pricing and costs for Mend.io?
Mend.io SCA offers a competitive pricing structure that is relatively affordable compared to similar solutions in the market. This makes it an attractive option for organizations looking to enhance...
 

Also Known As

No data available
WhiteSource, Mend SCA, Mend.io Supply Chain Defender, Mend SAST
 

Overview

 

Sample Customers

Information Not Available
Microsoft, Autodesk, NCR, Target, IBM, vodafone, Siemens, GE digital, KPMG, LivePerson, Jack Henry and Associates
Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Application Security Tools. Updated: June 2026.
902,988 professionals have used our research since 2012.