Get real-time security alerts on your open source dependencies within your Visual Studio environment.
Get the insights you need, when you need them. The extension provides full visibility of your open source components, alerts on security vulnerabilities, and offers actionable remediation insights in real-time. Mend Advise integrates seamlessly into your coding environment in a frictionless integration, without interrupting or delaying your workflow.
You will need a Mend account to activate the extension. If you do not have one, you can request a demo.
Note: This plugin works with Visual Studio 2022. For Visual Studio 2019, please use this version.
Detect vulnerabilities while coding: early detection of security issues saves precious time and resources. You can now run security tests before committing your code, and speed-up your development process.
Get detailed alerts: Each alert provides you with all of the information you need, , within your Visual Studio UI, like the component name, CVE ID, severity score, and more..
Speed-up remediation: Alerts contain proactive remediation guidance to help developers fix the issues, like suggested fix, and mapping of the vulnerable dependency.
Non-intrusive integration: You can control when to scan and receive alerts. Alerts are displayed at the bottom of the screen with all additional information. The alerts don't trigger automated workflows, so that you can have full control over the process.
Getting started with Mend Advise
After installing the extension, please check out our documentation for more details.