We performed a comparison between GitLab and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has an established roadmap that lays out its plans for upgrades over the next two to three years."
"It is very useful for reviews. We are using branch merging operations and full reset operations. It is also very useful for merging our code and tracking another branch. The graph diagrams of Git are very useful. Its interface is straightforward and not too complex for us."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"The merging feature makes it easy later on for the deployment."
"The most valuable feature of GitLab is the automatic merging of code."
"It is a speedy platform compared to the others I have used. I have also enjoyed using the platform as this solution offers a good user experience."
"For us, Gitlab's most valuable feature is the integration with Cypress. We're using Cypress as an automation tool, so we're using GitLab as a tool for running in parallel."
"It scales well."
"The most valuable feature is the inventory, where it compiles a list of all of the third-party libraries that we have on our estate."
"Its ease of use and good results are the most valuable."
"For us, the most valuable tool was open-source licensing analysis."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions."
"We find licenses together with WhiteSource which are associated with a certain library, then we get a classification of the license. This is with respect to criticality and vulnerability, so we could take action and improve some things, or replace a third-party library which seems to be too risky for us to use on legal grounds."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. The UI is excellent, and scanning for security threats fits well into our workflow."
"This solution could be improved by adding modifications such as slack notifications."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"The solution should again offer an on-premises deployment option."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"We do face issues in our company when we run out of disk space."
"When deploying the solution on cloud and the CI/CD pipeline, we have to define the steps and it becomes confusing."
"I would like more Agile features in the Premium version. The Premium version should have all Agile features that exist in the Ultimate version. IBM AOM has a complete Agile implementation, but in GitLab, you only have these features if you buy the Ultimate version. It would be good if we can use these in the Premium version."
"The pricing model of GitLab is an issue for me."
"The turnaround time for upgrading databases for this tool as well as the accuracy could be improved."
"It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools. Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process."
"At times, the latency of getting items out of the findings after they're remediated is higher than it should be."
"The only thing that I don't find support for on Mend Prioritize is C++."
"It should support multiple SBOM formats to be able to integrate with old industry standards."
"The UI is not that friendly and you need to learn how to navigate easily."
"The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
GitLab is ranked 7th in Application Security Tools with 68 reviews while Mend.io is ranked 6th in Application Security Tools with 29 reviews. GitLab is rated 8.6, while Mend.io is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk and Checkmarx. See our GitLab vs. Mend.io report.
See our list of best Application Security Tools vendors and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.