We performed a comparison between Contrast Security Assess and GitLab based on real PeerSpot user reviews.Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"By far, the thing that was able to provide value was the immediate response while testing ahead of release, in real-time."
"Assess has an excellent API interface to pull APIs."
"The solution is very accurate in identifying vulnerabilities. In cases where we are performing application assessment using Contrast Assess, and also using legacy application security testing tools, Contrast successfully identifies the same vulnerabilities that the other tools have identified but it also identifies significantly more. In addition, it has visibility into application components that other testing methodologies are unaware of."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"The most valuable feature of GitLab is its security."
"It scales well."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"Key features allow creation of well-presented Wiki that includes ideas, development, and domains."
"I have had no problem with the stability of the solution."
"The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish."
"The out-of-the-box reporting could be improved. We need to write our own APIs to make the reporting more robust."
"To instrument an agent, it has to be running on a type of application technology that the agent recognizes and understands. It's excellent when it works. If we're using an application that is using an unsupported technology, then we can't instrument it at all. We do use PHP and Contrast presently doesn't support that, although it's on their roadmap. My primary hurdle is that it doesn't support all of the technologies that we use."
"I think there was activity underway to support the centralized configuration control. There are ways to do it, but I think they were productizing more of that."
"Expand features to match other tools such as a static code analysis tool so third-party integrations are not required."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"Atlassian offers more products than GitLab. GitLab offers source control management, version control and collaboration between developers. Atlassian offers features on top of this as well as more integration points for developers."
"The integration and storage capabilities could be better."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"It is a little complex to set up the pipelines within the solution."
"I used Spring Cloud config and to connect that to GitLab was so hard."
"The solution could be faster."
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.
GitLab is an open-source code repository and application code development platform that aims to simplify the process of software development through to the eventual product release and upgrade. It contains all of the tools that developers need to take control of every stage of the software development process. GitLab makes it easy for teams to create checklists that they can follow when they begin to write the code and do other tasks that are critical to the success of their project. GitLab also enables organizations to automate the shipping of software code to those servers that they need to get to without requiring human intervention.
Some of the ways that organizations can benefit by deploying GitLab include:
Built-in CI/CD capabilities. Users are able to build, test, and deploy their software without turning to outside integrations. The CI/CD automation is built-in so that all of these functions can be easily automated as necessary.
Reviews from Real Users
GitLab is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the overall completeness of the solution and the way that it enables application developers to work on various parts of a given project simultaneously.
Kulbhushan M., co-founder and technical architect at Think NYX Technologies LLP, writes, “The SaaS setup is impressive, and it has DAST solutions. It also has dependency check and scanning mechanisms. If we were using other solutions, they would have to be configured, and we would have to set them to us as a third party, but GitLab is straightforward. GitLab is a single solution that helps us do everything we need.”
Zeeshan R., a software engineer at OZ, writes, “The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish. We can all work on our code in tandem.”
Contrast Security Assess is ranked 13th in Application Security Testing (AST) with 3 reviews while GitLab is ranked 3rd in Application Security Testing (AST) with 48 reviews. Contrast Security Assess is rated 8.6, while GitLab is rated 8.6. The top reviewer of Contrast Security Assess writes "We're gathering vulnerability data from multiple environments in real time, fundamentally changing how we identify issues in applications". On the other hand, the top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". Contrast Security Assess is most compared with Veracode, SonarQube, Snyk, Fortify WebInspect and PortSwigger Burp Suite Professional, whereas GitLab is most compared with Microsoft Azure DevOps, TeamCity, Tekton, AWS CodePipeline and Sonatype Nexus Lifecycle. See our Contrast Security Assess vs. GitLab report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.