At GITEX 2024, many of the innovative IT and cybersecurity companies showcased their differentiated capabilities and attracted the attention of the visitors. One of those was Mend.io, which certainly pulled the visitors to their stall at Bulwark booth. The Channel Director for EMEA/APAC of the company, Luis Bretones Hernandez, speaks about his experience and strategy. Excerpts.
“Our solutions empower developers to handle security at the earliest stages of development, reducing vulnerabilities without slowing down productivity.”
Luis Bretones Hernandez, Channel Director EMEA/APAC, Mend.io
What is the Genesis and Growth of Mend.io?
Mend.io was founded in 2010 as Whitesource, with a mission to secure the software development lifecycle by enabling teams to identify and remediate vulnerabilities and license issues in open-source and custom code swiftly. Since its inception, Mend has expanded rapidly, providing solutions that address both security and compliance.
Over the past few years, we’ve expanded our portfolio with new tools, including Container Security, SAST, and AI-driven solutions and integrated everything into one single offering helping customers achieve a paradigm shift in their security posture.
Today, Mend.io is helping companies build proactive and mature AppSec Program. We believe the way for organizations to be able to manage their risks proactively they need a holistic approach.
The Mend AppSec Platform is removing the barriers our customers are facing when trying to cover their full range of risk across all of their components and software supply chain by giving customers the tools they need in one platform, at one price, and certainly without any hidden surprises.
We’ve seen significant growth, particularly as software security has become a top priority across industries, and Mend’s approach of integrating security directly into the development process has been a key differentiator.
“Our presence at GITEX not only enhanced Mend’s visibility but also facilitated valuable exchanges with industry leaders, sparking interest and laying a strong foundation for future partnerships”
Which are the sectors that Mend.io is focusing and name a few of the major customers?
Mend primarily works with organizations in sectors that handle sensitive data or are subject to stringent regulatory standards, such as finance, healthcare, and technology. Our customers include enterprises with complex development pipelines that need robust security and compliance solutions to manage sophisticated threats.
What are the competitive advantages of Mend’s?
Mend’s competitive edge lies in our deep focus on automation and real-time remediation capabilities. Our solutions empower developers to handle security at the earliest stages of development, reducing vulnerabilities without slowing down productivity. We also provide exceptional visibility and control, allowing security teams to prioritize and manage risks effectively.
The application security landscape is shifting as organizations move away from a fragmented ecosystem of point solutions towards a unified platform such as the Mend AppSec Platform. Leveraging these platform-specific strengths brings numerous advantages: streamlined workflows, a cross-product workflow engine, a consolidated data model that enhances security posture, and developers that can focus fully on innovation.
What is your strategy to address the vulnerable market with Bulwark?
We recognize that cyber threats are rapidly evolving, especially in vulnerable sectors. Through our partnership with Bulwark, we bring advanced security solutions closer to enterprises in the region. Bulwark’s strong regional presence combined with Mend’s cutting-edge technology ensures that organizations have access to the tools and support needed to proactively defend against security threats.
What are your key learnings from customer challenges?
From our customers, we’ve learned that many security challenges arise from rapid code changes and the need to scale while remaining secure. Their biggest struggles often lie in balancing speed with security. Our continuous feedback loop and real-time insights have been crucial in helping them meet these challenges.
Also, Mend is designed to support customers at any stage of their application security journey, whether they’re just beginning to establish a security framework or have a mature, well-integrated program in place. For organizations new to AppSec, Mend provides intuitive, easy-to-implement solutions that quickly establish security best practices without overwhelming teams. For those with more advanced programs, Mend’s robust tools—including Container Security, SAST, and AI-driven insights—offer granular control, real-time monitoring, and automation to streamline processes and further strengthen their security posture. Regardless of maturity level, Mend adapts to meet customers where they are, empowering them to scale their AppSec efforts effectively.
How are you focusing on skillset development and training in the region?
We understand the skills gap in the security field and actively address it by offering training resources, including workshops and knowledge-sharing sessions, for security and development teams. Additionally, our user-friendly platform is designed to be accessible, even for teams with less specialized security training, making it easier to adopt and use.
What is your Market Strategy?
Our market strategy is to empower organizations to secure their software development lifecycle by integrating security directly into their workflows. We emphasize partnerships, like with Bulwark, to expand our reach and tailor our approach to specific regional needs.
Mend.io integrates with a robust ecosystem of technology vendors, leveraging the power of these partnerships to deliver comprehensive security solutions. One key partnership is with Invicti, which provides dynamic application security testing (DAST) to complement Mend’s static application security testing (SAST). This integration enables a holistic view of both SAST and DAST findings, empowering developers and security teams to manage application risk proactively—directly within the Invicti platform.
Together, Mend.io and Invicti provide end-to-end security coverage from code to runtime, helping organizations build proactive and mature AppSec programs with seamless, real-time risk visibility.
What is your focus on after-sale Support in the region
Our support strategy focuses on providing dedicated customer success teams, ongoing training, and a robust knowledge base. We aim to offer a proactive support system that helps customers adopt best practices and fully leverage Mend’s capabilities.
What is your Roadmap in the Region?
Our roadmap for the region includes expanding our support teams and increasing the availability of training and resources. We also aim to strengthen partnerships that provide localized expertise, ensuring we can respond to region-specific threats and requirements.
How are you leveraging GITEX opportunities?
At GITEX, together with Bulwark we seized the opportunity to showcase Mend’s innovative security solutions to a diverse and influential audience, from leading tech professionals to business decision-makers across various industries. This platform allowed us to connect with potential clients and partners, offering them an in-depth look at how Mend’s solutions are tailored to meet the unique security challenges faced by regional businesses. Through live demonstrations and discussions, we illustrated how our platform’s capabilities—from automated vulnerability management to real-time remediation—are built to empower teams in safeguarding their applications effectively.
Our presence at GITEX not only enhanced Mend’s visibility but also facilitated valuable exchanges with industry leaders, sparking interest and laying a strong foundation for future partnerships. These interactions deepened our understanding of the specific needs of regional markets, enabling us to better tailor our offerings and drive meaningful impact within this dynamic region.
