IT Central Station is now PeerSpot: Here's why

Mend Room for Improvement

Jeffrey Harker - PeerSpot reviewer
System Manager of Cloud Engineering at Common Spirit

At times, the latency of getting items out of the findings after they're remediated is higher than it should be.

View full review »
Ben Dyer - PeerSpot reviewer
Head of Software Engineering at a legal firm with 1,001-5,000 employees

If I had to choose one area of improvement, it would be to have the support system in one place. At the moment, all matters regarding support run through Salesforce SaaS solutions.

I'm sure there are more improvements that can happen with WhiteSource’s IDE tool, however, it's still useful. We still have an open ticket regarding some slow scans since we have some fairly complex projects that take a long time to scan. That's been the only slightly negative experience with the tool and we work hard to try to fix it.

WhiteSource is working on a UI refresh. That's probably been one of the pain points for us as it feels like a really old application. Although we are used to it, when filtering lists, we feel like we are using an application from the 1990s. It's my understanding that they have some improvements coming and I hope to take part in a trial for that.

I've also recently looked at their SaaS tool. I've done a trial with it and at the moment it’s a separate product. I'd like to see all of the products merged into one, so that there would be one place to go for everything and all of the support, FaaS, SCA, and more.

View full review »
ZvikaRonen - PeerSpot reviewer
Chief Technology Officer at FOSSAware

The pricing model needs some changes. It is being offered in bulks of a minimum of 20 developers, which means that small startups with less than 20 developers cannot afford to buy the minimum bulk. There is no flexible pricing model to choose a plan with partial functionality and for less than 20.

The GUI should support the export of multiple SBOM formats, today this is the transparency expected by federal agencies from companies that write software. 
There is no one standard yet in the industry for SBOM, so leading tools like WhiteSource should be able to support multiple formats.

View full review »
Buyer's Guide
Mend
June 2022
Learn what your peers think about Mend. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
607,127 professionals have used our research since 2012.
SK
Principal Software Architect at a tech services company with 10,001+ employees

I am not clear if WhiteSource provides on-premises service. I know that its competitors provide on-premises and SaaS-based services for the same licensing fee and model, but I am not sure if this applies to WhiteSource, as well. I believe it does not. 

It is preferable to use on-cloud services, although on-premises one should equally be an option, if I would prefer to not go for SaaS-based hosting. The licensing model should be the same for the different options. 

The initial setup could be simplified. 

View full review »
Nils Hedström - PeerSpot reviewer
Architect/Developer at a insurance company with 5,001-10,000 employees

WhiteSource only produces a report, which is nice to look at. However, you have to check that report every week, to see if something was found that you don't want. It would be great if the build that's generating a report would fail if it finds a very important vulnerability, for instance.

View full review »
ZD
Business Process Analyst at a financial services firm with 1,001-5,000 employees

We have ended our relationship with WhiteSource. We were using an agent that we built in the pipeline so that you can scan the projects during build time. But unfortunately, that agent didn't work at all. We have more than 500 projects, and it doubled or tripled the build time. For other projects, we had the failure of the builds without any known reason. It was not usable at all. We spent maybe one year working on the issues to try to make it work, but it didn't in the end. 

We should be able to integrate it with ID and Shift Left so that the developers are able to see the scan results without waiting for the build to fail.

View full review »
MR
AVP at a computer software company with 5,001-10,000 employees

The turnaround time for upgrading databases for this tool as well as the accuracy could be improved. 

It would be good if containerization could be included under the current licensing but this is not something I have looked into.

View full review »
AnandHosamani - PeerSpot reviewer
FOSS Coordinator at a manufacturing company with 5,001-10,000 employees

The solution lacks the code snippet part. I plan to raise this issue with those at WhiteSource.

View full review »
WL
Sr. Director, Cloud Operations at a computer software company with 1,001-5,000 employees

It would be good if it can do dynamic code analysis. It is not necessarily in that space, but it can do more because we have too many tools.

Their partner relationship support is a little bit confusing. They haven't really streamlined the support process when we buy through a reseller. They should improve their process.

View full review »
GM
Senior Lead Software Engineer at a tech services company with 10,001+ employees

I would like to see the static analysis included with the open-source version. That would be good.

View full review »
Buyer's Guide
Mend
June 2022
Learn what your peers think about Mend. Get advice and tips from experienced pros sharing their opinions. Updated: June 2022.
607,127 professionals have used our research since 2012.