formerly WhiteSource Sign Up For Your Free Trial Mend.io

Mend.io, formerly known as WhiteSource, is an application security company built to secure today’s digital world. We want developers to do what they do best: build the applications that power the world. Our job is to keep those apps safe.

Mend was created in response to a challenge our founders encountered when selling Eurekify, their previous company.  The buyers requested a software inventory and security scan as part of due diligence. Since the scan was not automated, the process was time-consuming, expensive, and riddled with potential errors. Our founders wanted to save other companies from this difficult experience, and Mend was born.

For us, application security is all about fixing. Our unique automated remediation technologies go beyond traditional detection-oriented solutions to solve the real problem: reducing application risk without impacting demanding development deadlines. It’s simple: To shrink the software threat landscape, you need to close the gaps. To close the gaps, you need Mend.io.

Mend.io + Jira Security: Doing DevSecOps Better Together

We hear a lot about the urgency of transition from DevOps to DevSecOps, and with good reason. The ongoing rise in cyberattacks across the software supply chain, coupled with a shifting regulatory landscape, highlights the growing urgency of improving application security. But it’s one thing to recognize the importance of integrating security into the software development process, and another thing to actually succeed at doing so. We know from speaking with our customers and industry research that developers won’t use AppSec tools that make their lives harder.

That’s why we believe in automated testing tools that integrate application security into existing workflows — making tools easy to use generally translates into more seamless adoption, and teams that work better together. Wherever possible, we create integrations that overcome this problem.

With that in mind, we are particularly excited about the forthcoming availability of Jira Security dashboards, which features a new supporting enhancement to Mend.io’s Jira integration capabilities. Now Jira users will have a single place to view and triage security alerts from mixed security vendors.

In addition to the enhanced integration support, the new capabilities will include:

• Vulnerability linking to Jira issues.
• A new ability to create issues directly from within the Security Tab. Fields are pre-populated with data pulled from Mend.io’ security testing integration.
• The new ability to filter by severity, CVE identifier, and more to run vulnerability triaging and prioritization rituals.

Jira Security will help development and security teams increase collaboration and shared responsibility for security by centralizing vulnerability information in a shared space where teams manage their work. It will also empower development teams to bring security into agile ceremonies such as sprint planning, and quickly triage and address vulnerabilities to incorporate security into the development process.

The Installation and configuration process is relatively simple, as users can select “Jira Security Dashboard” both in the onboarding process and within advanced settings.

After containers are connected to a Jira Project, Mend.io will continuously update this dashboard with alerts from the respective Mend.io Project on the following:

• Severity
• Vulnerability description
• Vulnerability status – Open, Closed, Ignored, Unknown
• Vulnerability detection date
• CVE information
• Issues
• Actions

Benefits

According to research by Atlassian, the average Jira customer has around three security vendors who push data to Jira or would like to. By viewing all vendors in one place, using the integration with Jira, users will save valuable time and resources when they’re security scanning. And now, developers will enjoy more flexibility and choice to secure their software and applications when using Jira.

Additionally, the integration enables users to find and fix issues and vulnerabilities quickly and early in the SDLC. Integrating Mend enables users to send security findings directly to Jira Security, and Mend users will now be able to adopt and implement cutting-edge capabilities from Jira so that they can better manage their security more easily. For both Mend.io and Jira users, the integration accelerates the early detection and remediation of vulnerabilities that expedite security processes by anticipating and addressing issues before they can compromise your code base.

At Mend, we believe in the potential and the power of diversity and inclusion

We feel it is our core responsibility to promote diversity and inclusion and to integrate these values into everything we do.

As a global company with offices worldwide, we know that diversity and inclusion mean very different things depending on what part of the world you live in. Our team is both global and local. For us, diversity means taking a unique and sensitive approach to each region and culture. While we’re not yet perfect in achieving true diversity, we are constantly striving to mend equity gaps and be more inclusive.

Achieving Our Goals