• Platform
    Mend-io-logo-mark
    Mend AI Native AppSec Platform Take a tour
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - ai
    Mend AI Secure AI powered applications
    Mend sast icon
    Mend SAST Secure proprietary code 10x faster
    Mend container small icon
    Mend Container Container security done right
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - sca
    Mend SCA Decrease open source risk
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - renovate
    Mend Renovate Automate dependency updates
    Expand AppSec coverage
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - dast icon 1 DAST What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - apis icon 1 API security What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - eol icon EOL support
    Platform Benefits
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - repoi icon Repo integration Scalability-icon Scalability What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - reachability icon Reachability
  • Solutions
    Ai models risk - nav bar icon
    AI app security Manage risks in AI models and agents
    Ai-red-teaming-icon-
    AI red teaming Test and secure conversational AI
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - ai gen code security nav bar icon 36x36 1
    AI gen code security Real-time AI code security
    Sbom - nav bar icon
    SBOM Move from static to effective SBOMs
    Runtime-security-nav-bar-icon
    Dynamic testing Test for risks in running applications
    Code scanning - nav bar icon
    Code scanning Find and fix known vulnerabilities
    Open source license nav bar icon
    Open source security Prevent. Prioritize. Automate.
    Open source license - nav bar icon
    Open source compliance Risk management for OSS licenses
    Dependency updates - nav bar icon
    Dependency updates Reduced risk, better code
    Container security container security
    Container security Container security, simplified
  • Company
    About us - nav bar icon
    About us Who we are
    Careers nav bar icon
    Careers Join our team
    Partners - nav bar icon
    Partners Meet our partners
    Events - nav bar icon
    Events Upcoming events
    Newsroom - nav bar icon
    Newsroom The latest Mend.io news
    Contact-us nav bar icon
    Contact us Connect with us
  • Resources
    Resource center - nav bar icon
    Resource center View our latest resources
    Blog - nav bar icon
    Blog The latest AppSec news and insights
    Podcast-icon
    Podcast Insights from leading experts
    Customers - nav bar icon
    Customers View our customer case studies
    Integrations - nav bar icon
    Integrations Find your integration
    Langugages nav bar icon
    Languages Find your language
    Vulnerability database - nav bar icon
    Vulnerability database Mend.io's OSS vulnerability database
    Documentation - nav bar icon
    Documentation Product and feature documentation
    Featured
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - featured image
    A CISO’s Guide to Securing AI from the Start
    What being customer recognized in the forrester wave™: static application security testing solutions, q3 2025 really means - practical guide to sast white paper image
    A Practical Guide to Making the Most of your SAST Investment
Schedule a Demo
Blog Rami Sass

What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Rami Sass 1
Rami Sass

Rami Sass is co-founder and CEO of Mend.io, a company that enables organizations to accelerate‌ the development of secure software at ‌scale‌ with automated tools that help bridge the security knowledge gap. Since the company’s founding in 2011, Rami has grown Mend.io from a small Israeli startup to a global business with over 300 employees across several countries and hundreds of enterprise customers including Microsoft and IBM. 
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Blog cover SAST Forrester Wave Mend io 5

What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means

Rami Sass Sep 9, 2025
Application Security

Mend.io is recognized as a Strong Performer and customer favorite in The Forrester Wave™: SAST Q3 2025.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - hype cycle ASPM overview blog post

ASPM and Modern Application Security

Rami Sass Aug 30, 2024
Application Security

Gartner's 2024 Hype Cycle for Application Security: ASPM moves from peak to trough.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - gartner mq blog image

Magic Quadrant™ for Application Security Testing, 2023 Gartner® report

Rami Sass May 23, 2023
Application Security

Mend.io is recognized as a Visionary in the 2023 Gartner Magic Quadrant for Application Security Testing. Learn about their approach.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Blog 1

Mend SCA Action within Amazon CodeCatalyst Brings Additional Application Security to Developers

Rami Sass Dec 1, 2022
Open Source Security

Learn about Mend SCA integration within Amazon CodeCatalyst for enhanced application security. Simplifying AWS vulnerability detection.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Brand Announce navy 1920 1080 scaled 1

WhiteSource is Now Mend: You Code, We Cure

Rami Sass May 25, 2022
Application Security

Mend, formerly WhiteSource, focuses on automating application security with a remediation-first approach for open source and custom code.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - SAST blog hero

Mend SAST: The Next Generation of Application Security

Rami Sass Feb 15, 2022
SAST

Learn about our innovative approach to detecting and remediating custom code vulnerabilities for a more secure future.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - docker friends

What Are Docker Containers, and Should Your Company Adopt It?

Rami Sass Jan 27, 2021
Container Security

Learn about Docker containers and whether your company should adopt them. Discover the benefits, challenges, and security considerations.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - bsd screen

Top 8 BSD License’s Questions Answered

Rami Sass Nov 5, 2020
Open Source Licenses

Get answers to the top 8 BSD License questions in this blog. Learn about the terms, compatibility with GPL, copyleft status, and more.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - cddl

Top 10 Common Development and Distribution License Questions Answered

Rami Sass Oct 8, 2020
Open Source Licenses

Get answers to the top 10 Common Development and Distribution License questions. Learn about CDDL terms, compatibility, and more.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - openssourcewin2

Top 10 Microsoft Public License (Ms-PL) Questions Answered

Rami Sass Sep 3, 2020
Open Source Licenses

Discover the top 10 Microsoft Public License (Ms-PL) questions answered on this blog. Learn about terms, copyleft, compatibility, and more.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - eclipse logo

Top 10 Eclipse Public License Questions Answered

Rami Sass Jul 20, 2020
Open Source Licenses

Get all your questions about the Eclipse Public License answered. Learn about its terms, compatibility, and differences with other licenses.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Knight on rope balance2222

How to Balance Between Security and Agile Development the Right Way

Rami Sass Mar 23, 2020
DevSecOps

What can be done to better balance between security and agile development? What steps can be taken to ensure agile development processes are done in a secure manner?

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - owasp a9 1

You Can’t Ignore Using Components With Known Vulnerabilities

Rami Sass Jun 27, 2018
Open Source Security

Learn why using components with known vulnerabilities is a major issue in application security and how to address it with OWASP guidelines.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means - Heartbleed 3 years later

Back To Heartbleed. Three Years Later.

Rami Sass Feb 8, 2017
Open Source Security

Explore the aftermath of Heartbleed, and the importance of managing open source components for security.

Read More
What Being Customer Recognized in The Forrester Wave™: Static Application Security Testing Solutions, Q3 2025 Really Means -

Top 9 GPL With The Classpath Exception Questions Answered

Rami Sass Jan 13, 2016
Open Source Licenses

The top 9 questions about GNU GPL with the Classpath exception. Learn how to use GPL'ed license components without risking your IP.

Read More

Subscribe to our Newsletter

Join our subscriber list to get the latest news and updates

Thanks for signing up! 

© 2025 Mend.io (White Source Ltd.) All rights reserved.