Black Duck vs GitLab comparison

Cancel
You must select at least 2 products to compare!
Synopsys Logo
14,718 views|10,174 comparisons
82% willing to recommend
GitLab Logo
2,964 views|2,395 comparisons
98% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Black Duck and GitLab based on real PeerSpot user reviews.

Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Black Duck vs. GitLab Report (Updated: May 2024).
771,212 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is stable.""The product enables other applications to be secure.""The cloud option of the product is always available and a positive aspect of the solution.""Black Duck is pretty extensive in terms of the scan reserves and the vulnerability exposures. From that perspective, I'm happy with it.""We accidentally use third-party library APIs, which may not be secure. Our technical team may not have the end time or expertise to figure it out. Black Duck helps us with that and saves us time.""The most valuable feature is the vulnerability scanning, and that it's easy to use.""We didn't have a central inventory to quickly identify issues or determine how many products were affected. Now under Black Duck, it's all consolidated. You search for a component and immediately see which products use it.""The UI is the solution's most valuable feature since it allows for easy pipeline integration."

More Black Duck Pros →

"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag.""Everything is easy to configure and easy to work with.""It is scalable.""Git hosting has an integration with ACD which is why we liked this solution in the first place.""Key features allow creation of well-presented Wiki that includes ideas, development, and domains.""The code merging capability is something that we use very frequently.""The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI.""CI/CD and GitLab scanning are the most valuable features."

More GitLab Pros →

Cons
"The tool needs to improve its pricing. Its configuration is complex and can be improved.""The documentation is quite scattered.""The tool's documentation and support are areas of concern where improvements are required.""They are giving a lot of APIs and Python scripts for certain functionalities, but instead of using APIs and Python scripts, they should provide these functionalities through the UI. Users should be able to customize and add more fields through the UI. Users should be able to add more fields and generate reports. Currently, they are not giving flexibility in the UI. They're providing a script that simply generates an Excel file or CSV file. There is no flexibility.""It needs to be more user-friendly for developers and in general, to ensure compliance.""We have been having some issues with the latest releases where we are not able to scan our applications with the help of Black Duck.""I would like to see more integration with other solutions, such as IntelliJ IDEA.""The solution's pricing model and documentation areas of concern where improvement is needed."

More Black Duck Cons →

"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment.""We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating.""The integration and storage capabilities could be better.""We'd like to see better integration with the Atlassian ecosystem.""I would like configuration of a YML file to be done via UI rather than a code file.""We have only seen a couple of issues on Gitlab, which we use for building some of the applications.""I would like to have some features to support peer review.""As GitLab is not perfect, what needs improvement in the solution is the Wiki feature of the groups or the repertories because currently, it's not searchable by default. You'll need an indexing service such as Elasticsearch to make it searchable, and that requires too much work, so for me, it's the main feature that should be improved in GitLab. In the next version of the solution, from the top of my head, the documentation could be improved. Besides the Wiki, it would be good if there's documentation that would be automatically generated based on the code repository. In other words, there should be some tutorials from GitLab for developers in the next release."

More GitLab Cons →

Pricing and Cost Advice
  • "Depending on the use case, the cost could range from $10,000 USD to $70,000 USD."
  • "The price is quite high because the behavior of the software during the scan is similar to competing products."
  • "The price is low. It's not an expensive solution."
  • "Black Duck is more suitable if you require a lot of licensing compliance. For smaller organizations, WhiteSource is better because its pricing policies are not really suitable for huge organizations."
  • "It is expensive."
  • "I rate the product's price one on a scale of one to ten, where one is a high price, and ten is a low price."
  • "The pricing is a little high."
  • "The price charged by Black Duck is exorbitant."
  • More Black Duck Pricing and Cost Advice →

  • "I think that we pay approximately $100 USD per month."
  • "The price is okay."
  • "It seems reasonable. Our IT team manages the licenses."
  • "Its price is fine. It is on the cheaper side and not expensive. You have to pay additionally for GitLab CI/CD minutes. Initially, we used the free version. When we ran out of GitLab minutes, we migrated to the paid version."
  • "It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."
  • "I don't mind the price because I use the free version."
  • "We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."
  • "The price of GitLab could be better, it is expensive."
  • More GitLab Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
    771,212 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:We researched Black Duck but ultimately chose WhiteSource when looking for an application security tool. WhiteSource is a software solution that enables agile open source security and license… more »
    Top Answer:The cloud option of the product is always available and a positive aspect of the solution.
    Top Answer:The price charged by Black Duck is exorbitant. For the features provided by the product, I would not want to pay a high price. There are many other products in the market that offer better features… more »
    Top Answer:I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
    Top Answer:For small-scale usage, GitLab offers a free tier. For enterprise pricing, GitLab is more expensive than GitHub, as it's not as widely adopted. GitLab is the preferred choice for many developers… more »
    Top Answer:I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities. Better integration and usability within the pipeline could make a significant… more »
    Ranking
    Views
    14,718
    Comparisons
    10,174
    Reviews
    8
    Average Words per Review
    455
    Rating
    7.6
    Views
    2,964
    Comparisons
    2,395
    Reviews
    50
    Average Words per Review
    406
    Rating
    8.6
    Comparisons
    Snyk logo
    Compared 23% of the time.
    JFrog Xray logo
    Compared 12% of the time.
    Mend.io logo
    Compared 10% of the time.
    Semgrep Supply Chain logo
    Compared 1% of the time.
    Microsoft Azure DevOps logo
    Compared 50% of the time.
    Bamboo logo
    Compared 5% of the time.
    SonarQube logo
    Compared 5% of the time.
    AWS CodePipeline logo
    Compared 5% of the time.
    UrbanCode Deploy logo
    Compared 1% of the time.
    Also Known As
    Blackduck Hub, Black Duck Protex, Black Duck Security Checker
    Fuzzit
    Learn More
    Overview

    Black Duck is a comprehensive solution for managing security, license compliance, and code quality risks that come from the use of open source in applications and containers. Named a leader in software composition analysis (SCA) by Forrester, Black Duck gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.

    GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster. 

    It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring. 

    With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

    Sample Customers
    Samsung, Siemens, ScienceLogic, Noser Engineering AG, ClickFox, Dynatrace, CopperLeaf
    1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
    Top Industries
    REVIEWERS
    Manufacturing Company67%
    Computer Software Company17%
    Financial Services Firm17%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Manufacturing Company15%
    Computer Software Company15%
    Healthcare Company4%
    REVIEWERS
    Financial Services Firm16%
    Computer Software Company16%
    Manufacturing Company13%
    Retailer10%
    VISITORS READING REVIEWS
    Educational Organization25%
    Computer Software Company12%
    Financial Services Firm11%
    Manufacturing Company8%
    Company Size
    REVIEWERS
    Small Business32%
    Large Enterprise68%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise10%
    Large Enterprise75%
    REVIEWERS
    Small Business44%
    Midsize Enterprise9%
    Large Enterprise47%
    VISITORS READING REVIEWS
    Small Business15%
    Midsize Enterprise34%
    Large Enterprise51%
    Buyer's Guide
    Black Duck vs. GitLab
    May 2024
    Find out what your peers are saying about Black Duck vs. GitLab and other solutions. Updated: May 2024.
    771,212 professionals have used our research since 2012.

    Black Duck is ranked 1st in Software Composition Analysis (SCA) with 19 reviews while GitLab is ranked 6th in Software Composition Analysis (SCA) with 70 reviews. Black Duck is rated 7.8, while GitLab is rated 8.6. The top reviewer of Black Duck writes "Enables applications to be secure, but it must provide more open APIs". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Black Duck is most compared with Snyk, Fortify Static Code Analyzer, JFrog Xray, Mend.io and Semgrep Supply Chain, whereas GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and UrbanCode Deploy. See our Black Duck vs. GitLab report.

    See our list of best Software Composition Analysis (SCA) vendors.

    We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.