We performed a comparison between GitLab and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Everything is easy to configure and easy to work with."
"The most valuable feature of GitLab is its security."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"I have had no problem with the stability of the solution."
"Key features allow creation of well-presented Wiki that includes ideas, development, and domains."
"The dashboard and interface make it easy to use."
"The most valuable functionality of GitLab, for me, is the DevOps. Besides the normal source control based on Git, I find the Auto DevOps features most important in the solution."
"The initial setup of GitLab is pretty simple, with no complications."
"We can take some measures to improve things, replace a library, or update a library which was too old or showed severe bugs."
"What is very nice is that the product is very easy to set up. When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. It's really convenient to have Mend scanning your products in less than one hour."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"The reporting capability gives us the option to generate an open-source license report in a single click, which gets all copyright and license information, including dependencies."
"The best feature is that the Mend R&D team does their due diligence for all the vulnerabilities. In case they observe any important or critical vulnerabilities, such as the Log4j-related vulnerability, we usually get a dedicated email from our R&D team saying that this particular vulnerability has been exploited in the world, and we should definitely check our project for this and take corrective actions."
"Its ease of use and good results are the most valuable."
"The results and the dashboard they provide are good."
"Our dev team uses the fix suggestions feature to quickly find the best path for remediation."
"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"It can be free for commercial use."
"GitLab would be improved with the addition of templates for deployment on local PCs."
"Even if I say I want some improvement, they will say it is already planned in the first quarter, second quarter, or third quarter. That said, most everything is quite improved already, and they're improving even further still."
"I rate the support from GitLab a four out of five."
"I would like to see better integration with project management tools such as Jira."
"The tool should include a feature that helps to edit the code directly."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"It would be nice to have a better way to realize its full potential and translate it within the UI or during onboarding."
"We have been looking at how we could improve the automation to human involvement ratio from 60:40 to 70:30, or even potentially 80:20, as there is room for improvement here. We are discussing this internally and with Mend; they are very accommodating to us. We think they openly receive our feedback and do their best to implement our thoughts into the roadmap."
"The initial setup could be simplified."
"The solution lacks the code snippet part."
"On the reporting side, they could make some improvements. They are making the reports better and better, but sometimes it takes a lot of time to generate a report for our entire organization."
"Mend supports most of the common package managers, but it doesn't support some that we use. I would appreciate it if they can quickly make these changes to add new package managers when necessary."
"Some detected libraries do not specify a location of where in the source they were matched from, which is something that should be enhanced to enable quicker troubleshooting."
GitLab is ranked 7th in Application Security Tools with 70 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. GitLab is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and Qualys Web Application Scanning. See our GitLab vs. Mend.io report.
See our list of best Application Security Tools vendors and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.