Case Study: Global Media and Technology Company mitigates open source security risks with Mend

Global Media and Technology Company Chooses Mend to Mitigate Open Source Security Risks

A publicly traded U.S. global media and technology company valued at over $200B with roughly 200,000 employees sought to strengthen application-layer security after high-profile breaches exposed industry risk. With a highly diverse development stack and as much as 80% of its codebase coming from open-source components, the company wanted to shift security left by embedding tools into developer pipelines so teams would take earlier ownership of secure code.

After a competitive review the company chose Mend for its broad language and platform coverage and for Mend Prioritize, which identifies whether reported open-source vulnerabilities are actually invoked in proprietary code—cutting false positives by up to 85%. Mend integrated into CI/CD, proved easier and less expensive per developer than alternatives, and enabled the DevSecOps team to transfer day-to-day security to developers, improving efficiency and overall security posture while better managing open-source risk.