Open Source Security

Automatically detect, prioritize, and remediate your open source security vulnerabilities at every stage of the software development life cycle.

The widespread adoption of open source means an increase in open source security vulnerabilities. Because these security vulnerabilities are disclosed publicly, they are prime targets for hackers. If you’re not regularly managing your open source components and all their dependencies, your organization is at risk.

The open source community is decentralized by nature, and finding information about vulnerabilities is difficult and varies by project. To reduce risk, enterprises need visibility into their open source use. Managing open source security at scale requires a solution that goes beyond detection to focus on the prioritization, remediation, and prevention of open source vulnerabilities.

Detection, Prioritization, and Remediation

Secure your enterprise by looking beyond just detection to focus on prioritizing
and remediating your open source security vulnerabilities.

Detection

You can’t fix what you don’t know you have. It’s that simple. Mend detects all vulnerable open source components, including in your transitive dependencies, in more than 200 programming languages.

No False Positives – Save time and resources with no false positives. Mend matches reported vulnerabilities to the open source libraries in your code, reducing the number of alerts.

Most Comprehensive Database – Gain complete coverage over your open source use with the largest vulnerability database in the industry. With more than 270 million open source components and 13 billion files, our vulnerability database continuously monitors multiple resources including the NVD and a wide range of security advisories and issue trackers.

CVE Numbering Authority – Mend is a CVE Numbering Authority, which allows us to responsibly disclose new security vulnerabilities found through our own research.

Prioritization

Mend identifies and prioritizes the most critical open source security vulnerabilities so you can fix what matters most first.

Mend Priority Scoring is an innovative approach to prioritization that combines perceived risks from both security and non-security metrics. It is the first and only automated remediation solution to factor in business impact as part of overall vulnerability scoring. Mend Priority Scoring allows you to create automated policies for vulnerability remediation based on threat, impact, and fix.

Threat

Assess vulnerability severity (CVSS score) and whether a vulnerability is called by proprietary code.

Impact

Evaluate the potential business impact of a vulnerability, such as whether financial data or PII could be exposed.

Fix

Determine whether a fix is available and ease of remediation.
.

Priority Scoring allows you to make informed decisions and implement automated risk-based policies so that the biggest overall threats to your business are remediated first.

Remediation

Fix security vulnerabilities with one click using automatically generated pull requests that identify the latest version of open source components.

Remediate Faster with Automated Workflows – Enforce automated remediation policies to fix vulnerable open source components, including newly disclosed vulnerabilities.

Fix with One-Click – Maximize productivity with auto-generated, real-time pull requests that make fixing a vulnerable open source component as easy as a single click.

Merge with Confidence – Update your dependencies and prevent regression errors with a high degree of accuracy that a component is safe to apply and won’t break your code.