Mend Advise Integrations - Knowledge Article
Mend Advise brings powerful, real-time open source vulnerability detection directly into developers’ IDEs, empowering teams to identify and resolve security issues earlier in the software development lifecycle (SDLC). This section of the knowledge base provides detailed documentation for integrating and using Mend Advise within a variety of development environments and tools.
Mend Advise does the following:
It facilitates workflows by making critical component vulnerability information available to the software developer from within the IDE, preventing the need to use a separate application for such purpose.
It implements automatic vulnerability checking in the background that allows for immediate feedback to the user as she types. For example, a new component reference that is being typed into a project's pom.xml or build.gradle file will be automatically analyzed for security vulnerabilities.
It offers a transparent UX for developers, by seamlessly integrating with the IDE environment: it highlights project open source components found to have reported security vulnerabilities (CVEs), displays information on such vulnerabilities, and offers recommendations for fixing them.