Prioritize Results based on Context

Note:

• This feature uses AI. To enable it, your organization must first sign an addendum to your Mend.io contract. Please contact your CSM to initiate this process.

• This feature is in closed beta.

Overview

This feature delivers AI-driven project classification that analyzes code context (imports, functions, classes) to identify sensitive domains (PII, payments, healthcare, etc.) and apply labels for filtering and workflows.

With this feature, Security Managers can accurately prioritize security issues by factoring in various project traits, not just vulnerability severity, streamlining prioritization at scale.

Getting it done

1. Navigate to your profile --> Administration.

2. Toggle AI-Based Project Classification on.

Note: Once enabled, the feature will apply for both CLI and Repository Integration scans.

When enabled, snippets of your source code and project details will be shared with Mend.io’s AI model to help extract contextual information and risk factors. This will result in relevant projects having classification labels assigned to them automatically (e.g., Mend:AUTHENTICATION, Mend:PAYMENT, Mend:PII, etc.) These labels can be used to cover two main use-cases:

• Filtering/sorting projects in the Mend AppSec Platform’s Applications/Projects view.
  Example:

  

• Creating Automation Workflows that are triggered based on the labels.
  Example:

  

List of Labels

• Mend:<PROJECT-CLASSIFICATION>

  • AUTHENTICATION

  • PAYMENT

  • PII

  • etc.

• Mend:ADMIN

• Mend:TEST_PROJECT

• Mend:INTENTIONALLY_VULNERABLE

• Mend:LOCAL_APP