For months, customers of Mend.io have been saying the same thing: “You’ve made security simple.”
Now Forrester has validated what those customers already understood.
In the Q3 2025 edition of The Forrester Wave™: Static Application Security Testing Solutions, Mend.io was positioned as a Strong Performer. In its first appearance in this evaluation, the solution achieved top scores in both Innovation and Triage. Yet the most important recognition is the distinction of being highlighted as a customer favorite.
Trust is not given—it must be earned
According to Forrester, Mend.io stands out as “an ideal choice for enterprises seeking a straightforward platform experience combined with robust customer support.”
That single word—simplicity—may sound modest in a technology landscape obsessed with complexity. However, reaching genuine simplicity in application security is arguably one of the hardest engineering challenges. It demands insight not only into the technology itself but also into the people who rely on it every day.
Customers have consistently praised Mend.io for reliable guidance during the selection phase, frictionless onboarding, and long-term support. They told Forrester the same message they have been emphasizing all along: that Mend.io helps enterprises realize value from day one. Such recognition is the outcome of thousands of customer interactions, ongoing refinements, and a core belief that security should empower developers instead of creating barriers.
The engine designed for tomorrow’s code
The top score in Innovation represents more than just rapid feature development. It demonstrates a commitment to solving critical problems that other providers leave unaddressed.
This is why Forrester’s report also emphasized that the renovated SAST engine from Mend.io marks a major advancement in detection accuracy. Supporting Java, Python, C#, and JavaScript, the engine provides teams with the precision they require while cutting down the false positives that hinder productivity. More than just an incremental improvement, this upgrade reflects a deliberate strategy to prepare SAST for the AI era.
As development organizations scale up AI-assisted coding, traditional static analysis must evolve. Mend.io is leading this transition by bringing together:
- High-precision engines that reduce noise and expose only the vulnerabilities that truly matter.
- AI-driven remediation within IDEs, pull requests, the platform, and Jira, ensuring that fixes happen at the same pace as AI-generated code.
- AI component security and red teaming to uncover hidden risks in AI-produced or AI-influenced codebases.
Through this approach, Mend SAST not only expands detection capabilities but also enables developers to remain in full control while AI accelerates software creation.
Future-ready SAST
Being named a Strong Performer is both validation and momentum. Mend.io continues to push the boundaries of AI-native application security, where precision, speed, and customer collaboration intersect. This milestone is just the beginning. The solution is continuously reimagined for the AI era, with ongoing investment to ensure it keeps pace with the rapid evolution of software and the threats surrounding it.