Risk Factors
Risk Factors in the Mend AppSec Platform help you prioritize security findings across your software supply chain and custom code by highlighting the conditions that make a finding more severe or exploitable.
Risk Factors provide quick, actionable context that enables development and security teams to:
- Focus first on findings that are more likely to be exploitable or malicious
- Reduce noise by filtering out lower-risk items
- Accelerate remediation workflows by surfacing what matters most
Risk Factors are currently available for:
- SCA — surfaces issues such as reachable, exploitable, or malicious open-source dependencies
- SAST — highlights findings that involve risky code patterns, unvalidated input, and known exploit paths
- Container — helps you prioritize findings by indicating the Reachability status of the package or finding, and lets you filter results based on whether the package or finding exists in a runtime environment