• Platform
    Mend-io-logo-mark
    Mend AI Native AppSec Platform Take a tour
    Ai supplemental terms of service - ai
    Mend AI Secure AI powered applications
    Mend sast icon
    Mend SAST Secure proprietary code 10x faster
    Mend container small icon
    Mend Container Container security done right
    Ai supplemental terms of service - sca
    Mend SCA Decrease open source risk
    Ai supplemental terms of service - renovate
    Mend Renovate Automate dependency updates
    Expand AppSec coverage
    Ai supplemental terms of service - dast icon 1 DAST Ai supplemental terms of service - apis icon 1 API security Ai supplemental terms of service - eol icon EOL support
    Platform Benefits
    Ai supplemental terms of service - repoi icon Repo integration Scalability-icon Scalability Ai supplemental terms of service - reachability icon Reachability
  • Solutions
    Ai models risk - nav bar icon
    AI app security Manage risks in AI models and agents
    Ai-red-teaming-icon-
    AI red teaming Test and secure conversational AI
    Ai supplemental terms of service - ai gen code security nav bar icon 36x36 1
    AI gen code security Real-time AI code security
    Sbom - nav bar icon
    SBOM Move from static to effective SBOMs
    Runtime-security-nav-bar-icon
    Dynamic testing Test for risks in running applications
    Code scanning - nav bar icon
    Code scanning Find and fix known vulnerabilities
    Open source license nav bar icon
    Open source security Prevent. Prioritize. Automate.
    Open source license - nav bar icon
    Open source compliance Risk management for OSS licenses
    Dependency updates - nav bar icon
    Dependency updates Reduced risk, better code
    Container security container security
    Container security Container security, simplified
  • Company
    About us - nav bar icon
    About us Who we are
    Careers nav bar icon
    Careers Join our team
    Partners - nav bar icon
    Partners Meet our partners
    Events - nav bar icon
    Events Upcoming events
    Newsroom - nav bar icon
    Newsroom The latest Mend.io news
    Contact-us nav bar icon
    Contact us Connect with us
  • Resources
    Resource center - nav bar icon
    Resource center View our latest resources
    Blog - nav bar icon
    Blog The latest AppSec news and insights
    Podcast-icon
    Podcast Insights from leading experts
    Customers - nav bar icon
    Customers View our customer case studies
    Integrations - nav bar icon
    Integrations Find your integration
    Langugages nav bar icon
    Languages Find your language
    Vulnerability database - nav bar icon
    Vulnerability database Mend.io's OSS vulnerability database
    Documentation - nav bar icon
    Documentation Product and feature documentation
    Featured
    Ai supplemental terms of service - featured image
    A CISO’s Guide to Securing AI from the Start
    Ai supplemental terms of service - practical guide to sast white paper image
    A Practical Guide to Making the Most of your SAST Investment
Schedule a Demo

Mend AI-Powered Features: Supplemental Terms of Service

Last Updated: June 2025

[Previous Version]

1. Scope of Supplemental Terms.

For clarity, all capitalized terms not defined here have their meanings in the legal terms governing your subscription to the Mend services (the “General Terms”). References to “Mend Services” in those General Terms now include the Mend AI‑Powered Features, except where these Supplemental Terms conflict — in which case these Supplemental Terms control. By opting in, you agree to be bound by these Supplemental Terms and acknowledge Mend’s use of generative AI (including third‑party LLMs). If you opt in on behalf of an entity, you represent that you have authority to do so; “you” covers that entity. If you don’t agree or lack authority, you must not opt in—or use the AI‑Powered Features.

2. AI Powered Features.

Mend offers AI‑based functionality using third‑party LLMs (“Third Party LLM Provider(s)”) or Mend‑hosted LLMs and proprietary ML tech hosted by such Third Party LLM Providers or self-hosted by Mend. These features enhance detection, prioritization, and response to security issues including within your custom code, third party components, and other licensing risks and also simulates dynamic adversarial attacks against your Tested Applications.

3. Changes to These Terms.

We may revise these Supplemental Terms at any time by posting an updated version online. All new subscriptions, renewals, upsells, or newly introduced AI features will be governed by the latest version.

4. Intellectual Property Rights; Customer Data.

4.1. Mend Ownership of Mend AI‑Powered Features. Mend retains ownership of all Mend AI‑Powered Features and underlying technology including any improvements or modifications thereof.

4.2. Customer Data. As between the parties, you retain ownership of all data, software, applications, or other information provided by you to Mend through the Mend AI-Powered Features, including (but not limited to) application files (source or byte code), and code snippets (“Customer Data”) you provide. You represent it does not infringe third-party rights or violate laws and that it is accurate and lawful.

4.3. Third Party LLM Providers. We may need to share Customer Data with Third‑Party LLM Providers, or use our own AI, to enable the service. You grant a worldwide, non-exclusive, royalty-free license to Mend for this purpose, effective while you access the features. Mend will exert commercially reasonable effort to choose Third Party LLM Providers that commit to use your Customer Data solely for the purposes of enabling you to use the Mend AI-Powered Features solely for the purpose of enabling your usage.  Per the Third Party LLM Providers contractual commitment to Mend, your Customer Data shared with Mend AI-Powered Features will not be used to train any generative AI model, including those of the Third Party LLM Providers. We are committed to safeguarding the privacy and security of your Data and have established a clear policy regarding the use of generative AI technology within our operations. We note that your Data as processed in connection with Mend AI-Powered Features may be hosted at our third-party data hosting facilities within Microsoft Azure. This applies even if your other Customer Data is stored in our data environment hosted on AWS.

4.4. Output. As between the parties, you also own all AI-generated output and data points generated by the Mend AI-Powered Features (“Generated Data”), including remediation suggestions and test results (but not Mend’s underlying tech or templates). Mend assigns all intellectual property rights (“IPR”) in such Generated Data to you including all IPR associated with or embodied therein (if and to the extent that any such rights exist under applicable law); however, similar outputs generated for other customers are not covered by this assignment. All other rights reserved by Mend.

5. Performance of Tests on Customer’s AI Applications.

Mend may test your AI applications (“Tested Applications”) by simulating attacker tactics (“Tests”). Mend controls Tests methodology, scope, and access. You grant consent for such testing. We recommend testing in non‑production environments. You acknowledge that performing the Tests in a live production environment  may carry inherent risks and inadvertently expose us to your users’, personnel, or other individuals’ real personal or sensitive data of whatever sort you process in connection with such individuals, or high-risk data, such as data that, if compromised, could result in significant harm to you or such data subjects (collectively, “Personal Data”), and, to the maximum extent permitted by applicable law, we expressly disclaim any liability in connection therewith. Mend AI-Powered Features are not intended to process any such Personal Data. You warrant you have obtained necessary consents and complied with data protection obligations. If you encounter sensitive or high‑risk Personal Data, you’ll notify us as soon as you become aware and we will delete it from test results upon completion or your request or your first written request. We disclaim any liability for claims, losses, damages, or liabilities arising out of or related to our access to Personal Data residing in your Tested Applications and you shall fully indemnify and hold Mend harmless against any third-party claims arising from such exposure. Mend may shorten data retention or delete, anonymize, or pseudonymize such Personal Data, either before or after we share the Test Result with you.

6. AI Inherent Limitations; Human Oversight Needed.

MEND MAKES NO WARRANTIES ABOUT THE ACCURACY, RELIABILITY, COMPLETENESS, OR RELEVANCY OF ANY AI GENERATED DATA AND THE GENERATED DATA COULD POTENTIALLY DISRUPT YOUR ENVIRONMENT OR CAUSE DAMAGE TO YOUR CODEBASE OR SYSTEMS. MEND DISCLAIMS ALL WARRANTIES, INCLUDING ANY THAT THE GENERATED DATA COMPLIES WITH YOUR LEGAL, REGULATORY, OR OPERATIONAL REQUIREMENTS. You are solely responsible for reviewing and validating all Generated Data and its use and for taking appropriate precautions to mitigate potential risks. You acknowledge that: (i) AI may generate incorrect, incomplete, or misleading results, (ii) Generated Data may not be unique and may resemble outputs given to others, (iii) Use of AI is not a substitute for professional judgment or review by your qualified personnel.

7. Acceptable Use

By accepting these Supplemental Terms, you hereby agree to use the Mend AI-Powered Features only in accordance with Mend’s Acceptable Use Policy available at https://www.mend.io/acceptable-use-policy/.

8. High-Risk and Prohibited Use:

8.1. THE MEND AI-POWERED FEATURES ARE NOT DESIGNED OR TESTED FOR USE IN HAZARDOUS ENVIRONMENTS OR ANY OTHER ENVIRONMENTS REQUIRING FAIL-SAFE PERFORMANCE, INCLUDING IN THE OPERATION OF ANY USE WHICH IS LISTED UNDER TITLE II OF THE EU AI ACT AND/OR DEFINED AS HIGH-RISK USE UNDER SUCH REGULATION OR ANY EQUIVALENT LAW OR REGULATION IN ANY OTHER JURISDICTION. YOU HEREBY COMMIT NOT TO USE ANY OF THE GENERATED DATA IN ANY SUCH ENVIRONMENT AND/OR MAKE ANY SUCH USE OF THE MEND AI-POWERED FEATURES.

8.2. You will not use the Mend AI-Powered Features to generate Generated Data for the express purpose of creating synthetic training data to develop or train AI models or systems that have substantially similar functionality to a general-purpose AI model service or the Mend AI-Powered Features. The restrictions in this section do not prevent generating Generated Data for use as an input to dynamic AI models or systems.

© 2025 Mend.io (White Source Ltd.) All rights reserved.