Edit

Share via

Connect Mend.io to Defender for Cloud (Preview)

Microsoft Defender for Cloud integrates with Mend.io to enhance software application security by identifying and mitigating vulnerabilities in partner dependencies. The integration streamlines discovery and remediation processes, improving overall security.

This article explains the benefits and procedures to connect Mend.io to Defender for Cloud. Following the steps, security teams gain enhanced visibility and control over potential threats, from code development to runtime.

Prerequisites

  • You need a Microsoft Azure subscription. If you don't have an Azure subscription, you can sign up for a free subscription.

  • You must enable Microsoft Defender for Cloud on your Azure subscription.

  • You must enable Defender Cloud Security Posture Management (CSPM) on your Azure subscription.

  • Connect your DevOps environments to Defender for Cloud:

  • Have an account with Mend.io.

  • Obtain an Activation key from Mend.io.

  • You must have the appropriate role to:

    Task Role
    Create DevOps connectors Security Admin or Contributor assigned at the subscription level through Azure role-based-access control.
    Create the Mend.io connector Security Administrator or Global Administrator assigned at the tenant level through Microsoft Entra. Permissions can be granted through Privileged Identity Management.
    View reachability analysis findings Security Admin or Security Reader assigned at the subscription level through Azure role-based-access control on the subscription that hosts the DevOps connector.

  • Connect only one Mend.io connector per tenant.

  • Connect the corresponding repository to Defender for Cloud. Findings won't appear if you don't connect the corresponding repository to Defender for Cloud.

Connect Mend.io

To connect your Mend.io account to Defender for Cloud:

  1. Sign in to the Azure portal.

  2. Navigate to Microsoft Defender for Cloud > Environment settings.

  3. Select Integrations.

    Screenshot of environment settings page that shows where to select the ServiceNow option.

  4. Select Add integration > Mend.io.

    Screenshot that shows where the Add Integration button is and the ServiceNow option.

    Note

    The option to add the Mend.io integration isn't available if you don't have the appropriate permissions, or if you already have an existing connector to Mend.io.

  5. Enter a Mend.io activation key.

    Screenshot that shows where to add the activation key.

  6. Select Create.

After the integration is successfully created, a notice appears. Defender for Cloud scans repositories connected to Mend.io and populates results after six hours.

Related content

Learn more about partner integrations.