Mend for GitHub.com
Overview
Mend for GitHub.com is a part of the Mend Repository Integrations. Mend for GitHub.com is a GitHub app that continuously scans your repositories and can alert you on security vulnerabilities and code weaknesses, IaC and license violations, and outdated libraries.
Mend for GitHub.com provides the following benefits to you and your development team:
Shift left: Scanning your repositories with Mend for GitHub.com helps you shift farther left in your software development life cycle (SDLC).
Feedback on demand: Developers receive feedback on their code right away, making it easier to remediate vulnerabilities and learn secure coding best practices.
No context switching: Developers stay in GitHub.com with its familiar UI, making it easier to consume and act on scan results.
Differential results: Developers are notified only when a pull request introduces new findings, reducing alert fatigue and making fixes available as soon as vulnerabilities are introduced.
Automated remediation: Security vulnerabilities can be automatically remediated based on recommended fixes.