With WhiteSource, we have been able to automate the scan of our Open Source dependencies. Before, we had a 50%-automated in-house solution.
Release Engineer at a tech vendor with 201-500 employees
Deployment is easy: In 30 minutes, your product is analysed and the results are available.
What is most valuable?
- Open Source dependency scanning
- Common Vulnerabilities and Exposures (CVE) detection
- Useful license and copyright reports
- Dashboards to manage risk by product or by organisation
How has it helped my organization?
We are using a lot of Open Source components to develop our products. WhiteSource is the perfect tool to manage Open Source governance. Our entire continuous integration stack uses WhiteSource to scan our dependencies (Maven, NPM, Docker).
Next, we are integrating the WhiteSource reports into our products (in a legal-notices folder) to store all the copyright and licensing information. WhiteSource replaced a painful and complex in-house solution; now it is fully automated.
What needs improvement?
Notifications could be improved. Everything else is OK.
If one of our products is using a dependency with a black-listed license (LGPL, for example), we would like to notify the developer who added this dependency. We use the same notification if someone tries to use a component with no license or no copyright information.
What do I think about the stability of the solution?
No issues.
What do I think about the scalability of the solution?
No issues.
How are customer service and support?
Customer Service:
A nine out of 10. They are really reactive when we have a question.
Technical Support:
A nine out of 10. They are really reactive when we have a question.
Which solution did I use previously and why did I switch?
We were using an in-house solution based on some Maven plugins. The process was not fully automated. We were looking for a fully automated solution.
How was the initial setup?
Really straightforward. The first scan was ready in 30 minutes.
What about the implementation team?
My team (release engineering) implemented WhiteSource for our company.
What was our ROI?
We are really happy to use WhiteSource. A lot of time has been saved and the results are more accurate.
What's my experience with pricing, setup cost, and licensing?
The setup cost is cheap. For our company, we received a good price to manage unlimited products and versions.
Which other solutions did I evaluate?
We did a comparison with Black Duck, but WhiteSource was better at managing the Open Source stuff.
What other advice do I have?
We are a happy customer.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
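The notification policy described in the review (a denied license such as LGPL, or a component with no license or copyright information, routed to the developer who added the dependency) can be implemented as a small gate in the CI pipeline. The following Python script is an added example; it is not the reviewer's code and does not use the WhiteSource/Mend API or export format. The report layout, the blame map, the deny-list and the contact addresses are all constructed assumptions for this illustration.

```python
"""License-policy gate over an SCA dependency inventory.

Constructed example: the report layout, the blame map, the deny-list and the
contact addresses are assumptions for illustration, not the WhiteSource/Mend
export format or API.
"""
import json
import re

# Licenses this hypothetical organisation refuses to ship (SPDX identifiers,
# upper-cased because normalize_license() upper-cases before comparing).
DENIED_LICENSES = {"LGPL-2.1", "LGPL-3.0", "GPL-2.0", "GPL-3.0", "AGPL-3.0"}

# Whoever gets the report when git blame cannot attribute the dependency.
FALLBACK_CONTACT = "release-engineering@example.com"

# Constructed SCA report: one entry per resolved dependency, with the manifest
# that declares it so the finding can be traced back to a commit.
SAMPLE_REPORT = json.dumps({"dependencies": [
    {"name": "acme-utils", "version": "3.12.0", "manifest": "pom.xml",
     "license": "Apache-2.0", "copyright": "Copyright 2021 Acme Utils Authors"},
    {"name": "tiny-pad", "version": "1.3.0", "manifest": "package.json",
     "license": "", "copyright": ""},
    {"name": "acme-orm", "version": "5.6.15", "manifest": "pom.xml",
     "license": "LGPL-2.1-or-later", "copyright": "Copyright 2020 Acme ORM Authors"},
    {"name": "dual-lib", "version": "2.0.0", "manifest": "package.json",
     "license": "MIT OR LGPL-3.0", "copyright": ""},
]})

# Constructed output of `git blame` over the manifests: (manifest, dependency)
# -> author of the line that added it. dual-lib is deliberately absent so the
# fallback-contact path is exercised.
SAMPLE_BLAME = {
    ("pom.xml", "acme-utils"): "alice@example.com",
    ("pom.xml", "acme-orm"): "bob@example.com",
    ("package.json", "tiny-pad"): "carol@example.com",
}

_SUFFIX = re.compile(r"-(only|or-later)$|\+$", re.IGNORECASE)


def normalize_license(lic):
    """Canonicalise an SPDX-like identifier: 'LGPL 2.1+' -> 'LGPL-2.1'."""
    lic = lic.strip().replace(" ", "-")
    return _SUFFIX.sub("", lic).upper()


def license_allowed(expr):
    """Evaluate a flat SPDX expression against the deny-list.

    'A OR B' passes when at least one alternative passes (the consumer may
    pick it); 'A AND B' needs every part to pass. OR binds loosest, as in
    SPDX, so it is split first. Parenthesised expressions are refused rather
    than guessed at.
    """
    if "(" in expr or ")" in expr:
        raise ValueError("nested SPDX expression not supported: %r" % expr)
    upper = expr.upper()
    if " OR " in upper:
        parts = re.split(r"\s+OR\s+", expr, flags=re.IGNORECASE)
        return any(license_allowed(p) for p in parts)
    if " AND " in upper:
        parts = re.split(r"\s+AND\s+", expr, flags=re.IGNORECASE)
        return all(license_allowed(p) for p in parts)
    return normalize_license(expr) not in DENIED_LICENSES


def evaluate(report_json, blame):
    """Return one finding per policy violation, naming the developer to notify."""
    findings = []
    for dep in json.loads(report_json)["dependencies"]:
        reasons = []
        lic = dep.get("license", "").strip()
        if not lic:
            reasons.append("no license information")
        elif not license_allowed(lic):
            reasons.append("denied license %s" % lic)
        if not dep.get("copyright", "").strip():
            reasons.append("no copyright information")
        for reason in reasons:
            findings.append({
                "dependency": "%s@%s" % (dep["name"], dep["version"]),
                "manifest": dep["manifest"],
                "reason": reason,
                "notify": blame.get((dep["manifest"], dep["name"]), FALLBACK_CONTACT),
            })
    return findings


def format_notification(finding):
    """One line per finding, ready to post to a ticket or chat channel."""
    return "[license-policy] %s (%s): %s -> notify %s" % (
        finding["dependency"], finding["manifest"], finding["reason"], finding["notify"])


if __name__ == "__main__":
    results = evaluate(SAMPLE_REPORT, SAMPLE_BLAME)
    for finding in results:
        print(format_notification(finding))
    # Fail the build when anything was flagged, so the notification is not merely advisory.
    raise SystemExit(1 if results else 0)
```

In a real pipeline the blame map would be built by running `git blame` on the line of `pom.xml` or `package.json` that declares each dependency, and the report would come from the SCA tool's export. The SPDX handling is the part worth getting right: a dual-licensed "MIT OR LGPL-3.0" component is acceptable because the consumer may choose MIT, whereas "MIT AND LGPL-3.0" is not, and a license string that only differs by an "-or-later" suffix must still match the deny-list.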