Skip to main content
Skip table of contents

Risk Factors

Risk Factors in the Mend AppSec Platform help you prioritize security findings across your software supply chain and custom code by highlighting the conditions that make a finding more severe or exploitable.

Risk Factors provide quick, actionable context that enables development and security teams to:

  • Focus first on findings that are more likely to be exploitable or malicious

  • Reduce noise by filtering out lower-risk items

  • Accelerate remediation workflows by surfacing what matters most

Risk Factors are currently available for both:

  • SCA — surfaces issues such as reachable, exploitable, or malicious open-source dependencies

  • SAST — highlights findings that involve risky code patterns, unvalidated input, and known exploit paths

  • Container — helps you prioritize findings by providing an indication of the Reachability status of the package or finding, while allowing you to filter the results based on the existence of the package or finding in a runtime environment.

Learn more:

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.