Skip to main content
Skip table of contents

SCA Reachability vs. Prioritize

Prioritize (Legacy)

  • Supported languages: Java, JavaScript, Python

  • Unified Agent only (no support in the Mend CLI nor in the repo integrations)

  • Only available in Core SCA

  • Provides 4 different shield types: Red, Yellow, Green, Gray

  • Does not support Java reflection

  • Does not support Java 21

  • Supports a deeper “method-level” analysis as well as a “class-level” analysis

  • More information on Prioritize is available here.

SCA Reachability (New)

  • Supported languages include the ones supported in Prioritize and more. See the full list here.

  • Available in the classic GitHub.com and GitHub Enterprise repository integrations and in the Developer Platform.

  • Available in the Mend CLI with minimal configuration - majority of configuration is done automatically

  • Actionable results - reachable or unreachable, no “in-between”

  • No more confusing shields - only reachable or unreachable

    • Note: Shields will still be displayed in the Core Application UI; they will not be displayed in the CLI, GitHub repo or the new Mend Platform UI.

  • No more “unknown”: If there’s no data about what class is vulnerable, every class is considered vulnerable . If any class is reachable - it’s reachable. If no class is reachable - it’s unreachable.

  • Java reflection support

  • Only “class-level” analysis, does not support “method-level” analysis.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close