Case Study: Microsoft achieves accurate, scalable open source security and faster remediation with Mend

Microsoft uses Mend for open source security

Microsoft, a global software and cloud services leader with about 85,000 developers, relies heavily on open source—using over 80,000 distinct packages across its codebase more than 11 million times. Microsoft’s 1ES team needed a security tool that could accurately detect vulnerabilities, avoid false positives so developers would trust it, be easy to use within existing workflows, and provide actionable remediation guidance.

Microsoft selected Mend for its high accuracy and low false positive rate, seamless integration into developers’ workflows with automatic scanning and notifications, and detailed upgrade recommendations. Mend has become integral to identifying risky open source usage early, enabling developers to fix problems correctly the first time and allowing Microsoft to scale coverage across ecosystems—results Microsoft leaders call a successful, scalable decision.

Microsoft Corporation

Bryan Sullivan

Director of PM