The latest Mend product updates introduce new features to enhance application security, performance, and efficiency. Highlights include smarter SAST scanning strategies with customizable configurations, streamlined SCA risk prioritization through new risk factors, and expanded Reachability support for Python. Additional improvements include the ability to run Unified Agent Scans using the Mend CLI and the introduction of SBOM Import, providing greater visibility and control over software components. These updates aim to optimize security workflows, reduce risks, and support project-specific needs.
SAST Scanning Gets Smarter
Take full control of your scan strategy with new options in Code Scan Configurations:
- Fast: Optimize performance.
- Balanced: Best of both worlds.
- Deep: Uncover more findings.
Plus, save project-specific configurations to tailor scans to each project’s unique needs!
Use the Mend CLI to Run a Unified Agent Scan
This change lays the groundwork for customers wanting to reap the benefits of the CLI while retaining the configurations and language support that the Unified Agent provides.
Sharper Risk Insights with SCA Risk Factors
Streamline SCA prioritization with new Risk Factors: a single risk status for each dependency, combining Reachability, Exploitability, and Maliciousness to reduce alert noise.
Python Reachability Data
With Mend Reachability, developers can easily identify and address reachable vulnerabilities, streamlining the security remediation process. Reachability is available for:
- Java
- JavaScript
- NEW! Python (beta)
SBOM Import
This powerful new capability enables you to take full control of your application security by providing greater visibility and control over software components.
Here’s what you can do with SBOM Imports:
- Create New Projects: Upload SBOM files to effortlessly build new projects in the Mend AppSec Platform.
- Update Existing Projects: Keep your projects up to date by importing SBOM files that reflect the latest dependencies and configurations.







