The Mend-Microsoft integration enables your developers to work in their native environments to detect problematic components early in the SDLC.
Mend for Azure Repos integrates with developers’ native environment to scan repositories as part of a Mend.io account. Mend.io detects all open source components and displays any security vulnerabilities or license compliance issues directly within Azure Repos. Developers are also given remediation advice on vulnerable and outdated open source components directly in Azure Repos without having to leave their repository.
Mend.io’s Integrated Development Environment (IDE) integrations, including support for Visual Studio and Visual Studio Code (Editor), are designed to work seamlessly within the development process, enabling developers to code more productively and securely.
Mend for GitHub.com is a GitHub app, which is part of Mend Developer Integrations, continuously scans your repositories and alerts on security vulnerabilities. It includes continuous automated security remediation with Mend Remediate, using fix pull requests. Mend for GitHub.com detects all open source components in your software, without ever scanning your code.
Mend Advise gives your developers a snapshot of a component’s details before they download it to their repository and incorporate it in the codebase. It is delivered as a Chrome or Microsoft Edge (from version 83) extension.
Customers who procure Mend through the Azure commercial marketplace, can use it toward their Azure Consumption Commitment (MACC).