Mend SCA for Amazon CodeCatalyst

Accelerating secure software development at scale

Mend allows organizations to gain full visibility and control over their open source usage. It runs silently in the background, detecting all open source components in the code, including all transitive dependencies, every time a build is run or a commit has been performed.

Mend’s strategic collaboration with AWS ensures that open source running on AWS is secured using a remediation-first approach for faster and more confident deployments.

The benefit of using Mend in CodeCatalyst

Using the Mend SCA action inside Amazon CodeCatalyst allows you to easily detect security vulnerabilities in your open source code. Once your code has been scanned by the action, you will be able to see a list of vulnerabilities inside the Amazon CodeCatalyst user interface.

Mend application security platform will help your team:

  • Find application vulnerabilities
  • Accelerate remediations
  • Meet development deadlines
  • Prevent supply chain attacks

We cut the time developers spend on security by 80%, freeing them to do what they do best: build great apps.

Read this datasheet to see how. 

Mend.io is Trusted By

 

What customers are saying

One of our most indicative KPIs is the amount of time for us to remediate vulnerabilities and also the amount of time developers spend fixing vulnerabilities in our code base, which has reduced significantly. We’re talking about at least 80% reduction in time.

Andrei Ungureanu

Before moving to Mend, the contribution process included a code validation step prior to the final code transfer. Given the wide amount of languages and ecosystem, the process was manual and quite time consuming, especially with the quick growth of our project portfolio, With Mend, this process is automated, saving significant time for developers.

Maurizio Pillitu

When talking about security, improvement is hard to measure. We haven’t had a security breach yet, and it’s probably because we use products like Mend…I would say it reduced the vulnerabilities in production by about 80 percent. When we have a release or run the script, it automatically picks up the vulnerabilities.

Kieran Whelan

It is hard to assign a value to an incident you prevented from happening. You need to understand and manage your risks. Your company and customers demand it. You cannot put a price on trust, and Mend helps us maintain the trust we have with our customers.

Nick Banta

Shifting left helps us catch so many more vulnerabilities earlier on in the process before they really get ingrained into the code base of the company. What Mend does is help 1ES reach out to every developer at Microsoft to provide them advanced information, early shift left guidance on where the open source in their code base that they’re using might be vulnerable and how to fix it quickly, so they can address it before the attackers get us.

Bryan Sullivan