No more typing reviews! Try our Samantha, our new voice AI agent.

GitHub Advanced Security vs Xygeni comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub Advanced Security
Ranking in Application Security Tools
12th
Average Rating
8.6
Reviews Sentiment
6.5
Number of Reviews
12
Ranking in other categories
No ranking in other categories
Xygeni
Ranking in Application Security Tools
23rd
Average Rating
9.0
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
Software Composition Analysis (SCA) (15th), Software Supply Chain Security (14th), Application Security Posture Management (ASPM) (13th)
 

Mindshare comparison

As of July 2026, in the Application Security Tools category, the mindshare of GitHub Advanced Security is 2.4%, down from 8.4% compared to the previous year. The mindshare of Xygeni is 0.9%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools Mindshare Distribution
ProductMindshare (%)
GitHub Advanced Security2.4%
Xygeni0.9%
Other96.7%
Application Security Tools
 

Featured Reviews

Devendiran Kandan - PeerSpot reviewer
DevOps Engineer at a tech vendor with 1,001-5,000 employees
Security scanning has protected our pipelines but currently needs clearer dashboards and controls
We used additional third-party solutions, but we replaced them with GitHub Advanced Security, even though I do not have a very good opinion about GitHub Advanced Security. Even though it is an inline product, I'm not seeing user-friendly things in GitHub Advanced Security. Dependent bots and the secret detection are good compared to others. However, code scanning is not finding very good results based on pipeline where it will scan and do code scanning. While build, before building and deploying the code, we want to block or do an advanced model, but it is not supporting. During deployment, code scanning is not good. It is a little complicated. It is not a straightforward method we can complete. We need expertise to get the full benefit, and troubleshooting sometimes requires going through that. The security overview dashboard is not really clear. It's not showing centralized information; each repo is showing, but if you compare it with competitors, it is not that great. Mainly in the centralized dashboard, enterprise level needs to improve. A centralized way where we can get that overall view is needed, and we want that code scanning and blocking deployments based on security. There are AI improvements, but however, it is not so easy to configure. It is multiple windows we need to go through and make changes or configure that. A few things we need to enable going into settings, and a few things we can find out in security. One product where security means the security dashboard should cover everything, but it is going here and there in many places.
AI
Business development manager at RSsecurity
Unified monitoring has reduced alert noise and provides accurate, proactive application security
Xygeni was highly effective for us, but there are areas where improvements could be made. More customization options for dashboards and reports would help teams tailor the platform to their specific metrics and workflows. I also occasionally encounter DevOps tools that are not yet supported natively. Expanded coverage for niche or emerging tools would make onboarding even smoother. These points, however, are minor compared to the overall value the platform delivers, especially given the strength of its AI-driven detection, remediation, and supply chain protection capabilities. It would also be an improvement for licensing with regard to on-premise variants. Perhaps we could have an on-premise option for standard subscription.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I have not experienced any performance or stability issues with GitHub Advanced Security."
"GitHub Advanced Security's secret scanning is good."
"GitHub Advanced Security is ten out of ten scalable."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"The best features of GitHub Advanced Security are its flexibility and the multiple options it has compared to other tools."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"Xygeni provides a comprehensive and developer-friendly approach to securing the entire software supply chain."
"The visibility of our open-source supply chain dependencies and real-time detection of vulnerabilities have been invaluable."
"The best Xygeni feature is the ability to filter what is truly important, which really helps me focus on the key vulnerabilities in the software that I am building."
"Since using Xygeni, the time to review vulnerabilities has decreased."
 

Cons

"There could be a centralized dashboard to view reports of all the projects on one platform."
"GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
"The reporting feature might need improvement. While it integrates seamlessly with my workflow, it doesn't provide management with oversight, such as statistics and the number of vulnerabilities."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"An area of GitHub Advanced Security that has room for improvement is customization."
"The customizations are a little bit difficult."
"The report limitations are the main issue."
"There should be more configuration options that make it easier to target the issues that are more important in your organization's context."
"Xygeni was highly effective for us, but there are areas where improvements could be made."
"Xygeni could be improved if on-premise options were available starting from the starter packages, not only the enterprise models."
"Xygeni can be more automated."
 

Pricing and Cost Advice

"The solution is expensive."
"The current licensing model, which relies on active commitments, poses challenges, particularly in predicting and managing growth."
Information not available
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
10%
Manufacturing Company
8%
Government
7%
Comms Service Provider
22%
Outsourcing Company
11%
Security Firm
11%
Construction Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise4
Large Enterprise7
No data available
 

Questions from the Community

What needs improvement with GitHub Advanced Security?
We used additional third-party solutions, but we replaced them with GitHub Advanced Security, even though I do not have a very good opinion about GitHub Advanced Security. Even though it is an inli...
What is your primary use case for GitHub Advanced Security?
I'm working with software development nowadays. As a process, we are using the dependent bot alerts and the code scanning for Java, and some of the code scanning is happening. Security secrets in c...
What advice do you have for others considering GitHub Advanced Security?
Dependent bots and the secret detection are good compared to others. However, code scanning is not finding very good results based on pipeline where it will scan and do code scanning. While build, ...
What is your experience regarding pricing and costs for Xygeni?
The pricing is reasonable. Xygeni provided me with the pricing list that is already public on the web, so it is very clear.
What needs improvement with Xygeni?
Xygeni can be more automated. The team is currently working on auto-remediation pipelines, which could be really helpful. There is probably room for improvement, but for me, it is one of the best t...
What is your primary use case for Xygeni?
I use Xygeni to perform SAST and SCA analysis, and to gain better understanding of how my deployment pipelines are configured. Xygeni helps me understand what I am deploying and the level of integr...
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

Information Not Available
BKool, Onum, Napptive, Fintonic, Adaion, Metricool, Arexdata, ...
Find out what your peers are saying about GitHub Advanced Security vs. Xygeni and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.