Schedule a Demo

Our pricing

Tired of managing multiple AppSec tools?
Simplify your application security.

One platform. One price. It’s that simple.

Mend AppSec Platform

Proactive AppSec at a single rate

$1,000

per developer • per year

Get a demo

Mend AppSec Platform includes:

Mend Renovate

  • Automated dependency updates with job scheduler
  • Merge confidence ratings & workflows
  • Job history log
  • Full-scale automation
  • Technical debt reduction

Mend SCA

  • Open source vulnerability & license management with custom policies
  • Advanced reachability analysis
  • Risk-based prioritization
  • Detection, blocking, and alerting of malicious open source packages
  • Dashboards, alerts, reporting and SBOM management
  • IDE, repo, pipeline and issue tracker integrations
  • Pre-built and custom policies

Mend Container

  • Container-specific open source vulnerabilities and remediations
  • Container reachability analysis
  • Kubernetes cluster scanning
  • Advanced prioritization based on CVE reachability analysis
  • Secrets detection

Mend SAST

  • Custom code source vulnerability management
  • Data flow consolidation
  • Dashboards, alerts and reports
  • Source code repo, pipeline and issue tracker integrations
  • Pre-built and custom policies
  • AI powered automated remediation

Mend AI

  • Comprehensive pre-trained model indexing
  • AI model dependency protection
  • License compliance support
  • AI-BOM

Mend.io is trusted by

See all customer stories

FAQ

What is a contributing developer?

“Contributing Developer” means any employee or contractor who during the term of the agreement accesses or uses the Mend application or any engineer, developer or other person that writes, develops or modifies the Customer’s, or Customer’s affiliate’s, code being scanned or monitored by the Mend application. For the avoidance of doubt, the same individual will not be counted more than once even if acting in two separate roles such as a developer and platform user.

Why are you pricing per contributing developer?

Mend.io enables developers and security professionals to write secure code and utilize secure components, across every area of the SDLC. Therefore, pricing based on the number of Contributing Developers best reflects the impact of our solution, without limiting you on factors such as size of code or number of scans.

Does the above pricing include all vulnerability sources?

Yes. The Mend.io offering includes the full extent of our database, which supports over 200 programming languages. We aggregate vulnerabilities from the NVD, dozens of security advisories, and popular open source projects issue trackers to make sure you’re always covered.

Are there additional fees per GB?

No. We take pride in offering transparent, simple, and predictable pricing. We price per Contributing Developer since we know managers have better visibility into the growth of their headcount rather than the size of their software or lines of code.

What is included?

We are including all functionality currently in Mend SCA, Mend SAST, Mend Container, Mend AI, and Mend Renovate in this package.

Are there any add ons?

A few items, such as hosting, services, or custom agreements, may continue to be an additional charge.

© 2024 Mend.io (White Source Ltd.) All rights reserved.