Go
Note: The legacy Mend SAST Application was deprecated on April 1st, 2025. For assistance with migrating to the Mend AppSec Platform, please contact your customer success manager or the success team at success@mend.io.
Note:
Gen 1 is the default detection engine for existing customers.
Gen 2 is in closed beta.
Configure the desired detection engine generation using a CLI parameter or environment variable as detailed here.
Supported file types, frameworks and CWEs:
Introduction
Given the prevalence and risk profile of the Go programming language, it’s essential for organizations to have robust tools that can:
Accurately detect vulnerabilities in Go codebases.
Provide actionable remediation suggestions to help developers fix issues quickly and efficiently.
Scale to large codebases and deliver results rapidly, supporting modern development workflows.
How Mend SAST Helps
Coverage: Mend.io’s new-generation Go detection engine (Gen 2) offers significantly broader coverage of Common Weakness Enumerations (CWEs) and frameworks, ensuring that your scans are both comprehensive and relevant to real-world Go projects.
High Precision: Mend SAST is designed to minimize noise and maximize accuracy, providing high-precision memory analysis and reducing false positives.
Scalability: The engine is optimized for speed and scale, enabling scans of very large codebases with results delivered in hours, not days.
Developer-Centric Workflow: Remediation suggestions are integrated directly into developer workflows—whether in code repositories, via CLI, or through the Mend AppSec Platform. Developers can review, accept, or provide feedback on suggestions, and even auto-create pull requests for fixes. Essentially, developers spend less time fixing security findings and more time building features. Mend.io’s remediation suggestions are tailored to Go, reducing the learning curve and accelerating secure development.
Security Champion Enablement: Security teams and engineering managers can monitor remediation adoption, analyze impact, and generate tickets for unresolved issues, ensuring that security improvements are both measurable and actionable.