We performed a comparison between Black Duck and GitLab based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The stability is okay."
"The most valuable feature is the vulnerability scanning, and that it's easy to use."
"The most valuable feature for me in Black Duck is its ability to scan binary files effectively."
"The solution works well on Mac products."
"We didn't have a central inventory to quickly identify issues or determine how many products were affected. Now under Black Duck, it's all consolidated. You search for a component and immediately see which products use it."
"The solution is stable."
"The solution is very good at scanning and evaluating open source software."
"The knowledge base and the management system are the most valuable features of Black Duck Hub. It has a very helpful management environment. They offer an editor where we can check the discovered license, which is retrieved from their knowledge base. They have a huge knowledge base build over the years. It gives you some possibilities, such as this license with possibility A could cause a vulnerability issue or a potential breach."
"This is a scalable solution. We had around 200 users working with it."
"We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"It is very useful for reviews. We are using branch merging operations and full reset operations. It is also very useful for merging our code and tracking another branch. The graph diagrams of Git are very useful. Its interface is straightforward and not too complex for us."
"I have found the most valuable features of GitLab are the GitClone, GitPush, GitPull, GitMatch, GitMit, GitCommit, and GitStatus."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"Everything is easy to configure and easy to work with."
"The solution is stable."
"The documentation is quite scattered."
"We have been having some issues with the latest releases where we are not able to scan our applications with the help of Black Duck."
"The solution must provide more open APIs."
"The tool needs to improve its pricing. Its configuration is complex and can be improved."
"I would like to see improvements in Black Duck's reporting capabilities."
"It's still a bit inconsistent. For example, if I scan today, it might not show the same results tomorrow."
"Due to the fact that, with our software developer life cycle, we don't need to scan our source code every day or every week. For that reason, we find the cost is too high. We might only actually use it five to ten times a year, which makes it expensive."
"It needs to be more user-friendly for developers and in general, to ensure compliance."
"We'd like to see better integration with the Atlassian ecosystem."
"Perhaps the integration could be better."
"There is room for improvement in GitLab Agents."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"There was a problem with the build environment when we were looking at developing iOS applications. iOS build require Mac machines and there are no Mac machines provided by GitLab in their cloud. So to build for mobile iOS application, we needed to use our own Mac machine within our own infrastructure. If GitLab were to provide a feature such that an iOS application could also be built through GitLab directly, that would be great."
"It should be used by a larger number of people. They should raise awareness."
"The integration could be slightly better."
"GitLab's Windows version is yet not available and having this would be an improvement."
Black Duck is ranked 1st in Software Composition Analysis (SCA) with 19 reviews while GitLab is ranked 6th in Software Composition Analysis (SCA) with 70 reviews. Black Duck is rated 7.8, while GitLab is rated 8.6. The top reviewer of Black Duck writes "Enables applications to be secure, but it must provide more open APIs". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Black Duck is most compared with Snyk, Fortify Static Code Analyzer, JFrog Xray, Mend.io and Semgrep Supply Chain, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and UrbanCode Deploy. See our Black Duck vs. GitLab report.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.