![]() ![]() It has actually sufficed all the needs in one tool for static code analysis." "We've configured it to run on each commit, providing feedback on our software quality. It covers the entire developer community which includes Salesforce or it could be the regular project. They have a lot of support for different tech stacks. "When comparing other static code analysis tools, SonarQube has fewer false-positive issues being reported. It's really convenient to have Mend scanning your products in less than one hour." When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. The UI is excellent, and scanning for security threats fits well into our workflow." "What is very nice is that the product is very easy to set up. ![]() My company's policy is to ensure that vulnerabilities are fixed before it gets to production." "I am the organizational deployment administrator for this tool, and I, along with other users in our company, especially the security team, appreciate the solution for several reasons. We never have any issues with it." "We set the solution up and enabled it and we had everything running pretty quickly." "Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. We use Mend for CI/CD that goes through Azure as well. All our three use cases are equally important to us and we found WhiteSource handles them decently." "The dashboard view and the management view are most valuable." "WhiteSource helped reduce our mean time to resolution since the adoption of the product." "There are multiple different integrations there. Some come with dual licenses, some are risky and some are not. "We use a lot of open sources with a variety of containers, and the different open sources come with different licenses. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |