Summary
This document is a PeerStory that presents user feedback on Mend, formerly known as WhiteSource. It outlines the experiences of a system manager at Common Spirit regarding the use of Mend for managing open-source software (OSS) vulnerabilities. The user describes how Mend's Smart Fix feature assists developers in identifying and remediating vulnerable transitive dependencies, which has significantly improved their development processes. The document details the reduction in mean time to resolution and emphasizes the importance of integrating these practices into the software development lifecycle (SDLC). It also highlights the return on investment (ROI) achieved through the elimination of manual tracking processes and the acceleration of delivery times. The user notes that Mend provides valuable visibility into OSS governance, enabling accurate discovery of OSS components and tracking of security vulnerabilities over time. Overall, the PeerStory illustrates a positive shift in the organization’s approach to managing software vulnerabilities.
