# Mend.io

> Mend.io, formerly WhiteSource, is a Boston- and Tel Aviv-based application security company that helps development and security teams find and fix vulnerabilities in open source dependencies, custom code, and AI-generated code. Its platform spans software composition analysis (SCA), static and dynamic testing (SAST/DAST), API security, automated dependency updates via Renovate, and a growing suite of AI security tools. Serving more than 1,000 customers including a quarter of the Fortune 100, Mend.io emphasizes automated remediation - producing exact code fixes rather than long lists of alerts - to help teams reduce security debt without slowing delivery.

- **Founded:** 2011
- **Headquarters:** Boston, Massachusetts, United States
- **Founders:** Rami Sass (Co-Founder, former CEO, now GM of Mend AI), Azi Cohen (Co-Founder and CEO), Ron Rymon (Co-Founder)
- **Team size:** Approximately 290-500 employees
- **Products:** Mend SCA, Mend SAST, Mend Renovate, Mend AI, Mend AppSec Platform
- **Notable:** Pioneered the software composition analysis (SCA) category before it was named, Introduced industry-first automated remediation for open source and custom code in 2022, Grew to 1,000+ customers including 25%+ of the Fortune 100

## Products & services

- **Mend SCA** — Software composition analysis that detects vulnerabilities and license compliance issues in open source dependencies, with reachability analysis and prioritization.
- **Mend SAST** — Static application security testing that scans proprietary/custom code for security weaknesses with fast, low-noise results.
- **Mend Renovate** — Automated dependency update tool that keeps projects current and reduces security debt across ecosystems.
- **Mend AI** — AI application lifecycle security covering AI-generated code, machine learning models, and embedded AI components, including red teaming and governance.
- **Mend AppSec Platform** — Unified application security platform with automated remediation delivering exact code fixes in developers' native environments.
- **Mend DAST & API Security** — Dynamic application security testing and API security to cover runtime and interface-level risks.
- **Mend Forge** — AI-native innovation engine built to address emerging security challenges from AI-generated code, ML models, and evolving supply chains.

## Achievements

- Pioneered the software composition analysis (SCA) category before it was named
- Introduced industry-first automated remediation for open source and custom code in 2022
- Grew to 1,000+ customers including 25%+ of the Fortune 100
- Owns and maintains Renovate, a widely used dependency automation tool
- Expanded into AI application security with Mend AI, Mend AI Premium, and Mend Forge
- Reported ~20% YoY revenue growth and 25% new-customer logo growth in its most recent reported year

## Latest updates

- **2025-03** — Launched Mend AI Premium, expanding AI application security offerings.
- **2025-07** — Debuted Mend Forge, an AI-native innovation engine for next-generation application security.
- **2026-02** — Realigned executive leadership: co-founder Azi Cohen named CEO; former CEO Rami Sass appointed GM of Mend AI after a year of record growth.

## Links

- Website: https://www.mend.io
- LinkedIn: https://www.linkedin.com/company/mend-io
- Twitter/X: https://twitter.com/mend_io
- GitHub: https://github.com/mend-toolkit
- YouTube: https://www.youtube.com/c/Mend_io
- Facebook: https://www.facebook.com/Mend.io

---

Profile page: https://yespress.io/mend-io
Published by YesPress — https://yespress.io
Last updated: 2026-07-19
