The Mend CLI tool is a great way to embed a Mend scan into any script, like adding it to your pipeline, because it runs and returns results directly in the command line. It can scan proprietary source code or open source libraries from the command line, and return known security vulnerabilities in the open source, or potential security issues in your proprietary code. This is an initial video overview of how to use the Mend CLI to scan your source code

Mend SAST is a SAST (Static Application Security Testing) solution for performing deep and extensive security analysis of application source code. Mend SAST is easy to use, requires almost no user input, and can be deployed during or after development with easy integration into a DevOps environment and CI/CD pipeline. The solution provides an excellent way to automate code inspection as an alternative to the demanding and time-consuming procedure of manual code reviews. Mend SAST supports all major languages and their frameworks, from Android Java to Xamarin C#.

Are you using AWS CodeCatalyst? Mend can integrate with your source control and quickly detect open source artifacts and their known vulnerabilities and licensing risks. Mend also provides all the information you need to fix these artifacts automatically.

In this short video, we will demonstrate how to create an NTIA compliant Software Bill of Materials for applications that have been scanned using Mend. ...

Are you using Bitbucket.com? Mend can integrate with your source control and quickly detect open source artifacts and their known vulnerabilities and licensing risks. Mend also provides all the information you need to fix these artifacts automatically.

This is the fifth video in a series describing how WhiteSource can integrate with Artifactory to detect open source artifacts and their known vulnerabilities and licensing risks. This video will focus on how to Mend can detect and block malicious packages such as ua-parser-js.

Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, the open source automated dependency update project.

The video describes how to use async inventory reporting for Accounts with multiple organizations and how to filter a report by library name before generation for a project, product, or organization using the Mend UI.

The video describes how to use async inventory reporting for Accounts with multiple organizations and how to filter a report by library name before generation for a project, product, or organization using the Mend UI.

Are you using JetBrains WebStorm? Mend can integrate with your IDE and quickly detect open source artifacts and their known vulnerabilities. Mend also provides all the information you need to fix these artifacts automatically.