GitHub vs Sonatype Repository Firewall comparison

 

Comparison Buyer's Guide

Categories and Ranking

GitHub
Ranking in Application Security Tools: 9th
Average Rating: 8.6
Number of Reviews: 75
Ranking in other categories: Version Control (3rd)

Sonatype Repository Firewall
Ranking in Application Security Tools: 35th
Average Rating: 8.4
Number of Reviews: 3
Ranking in other categories: Software Composition Analysis (SCA) (14th)
 

Mindshare comparison

As of July 2024, in the Application Security Tools category, the mindshare of GitHub is 0.9%, down from 1.4% the previous year. The mindshare of Sonatype Repository Firewall is 0.4%, up from 0.3% the previous year. Mindshare is calculated based on PeerSpot user engagement data.
Application Security Tools
Unique Categories:
Version Control: 3.6%
Software Composition Analysis (SCA): 1.5%
 

Featured Reviews

RN
Jun 8, 2023
An easy-to-deploy solution since the user just needs to run the script for the deployment to be done in a few minutes
We just use GitHub for the repository in our company. So we have a central repository. So, we do recommend the need to push and pull everything, and that's how we use it. The requests, push, pull, merge, and everything else in the solution are its valuable features. Later, people make their…
Ashish Shukla - PeerSpot reviewer
Apr 11, 2022
You will get clean code every time, and that's a great achievement
For the QA team, it's a really good tool. For those who are not on the QA team, it is also a good tool to use for SDL in the SDLC. It plays a very critical role of doing the automatic quality check recommendation. Meaning, when using this tool, people can easily rectify the issues in the environment itself, instead of going to a higher environment and identifying them. This tool is quite easy to use and learn. We decided that there was no need to hire anyone new who would specialize in this. We had a team of about five to ten people who learned how to use this tool. There are some other automation tools like Jenkins, for example, that require a lot of effort to configure and write out the code, but you do not need to do such for this tool. I thought outside of the box and saw that there are many options available to us when using this tool. The plugins are there, you can download and use the tool at ease and you do not need to do any kind of development. Overall, it’s quite easy to use.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"GitHub's source code management is top-notch. It's easy to inspect changes and visualize code and differences. Their action system is comprehensive in terms of making changes and automation."
"The most valuable features of GitHub are the standard features, they are very useful."
"Even if I'm not in the office, I can access and work on my code from anywhere with my account credentials."
"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use."
"This solution is just easy to use."
"It's beneficial for managing multiple tasks and controlling versions of your product."
"GitHub's merging feature is much better than that of other products because merging is done daily."
"All the features are valuable, but the most important feature is that GitHub has advanced security. The second important feature is the capability to create custom GitHub actions and the capability to deploy in different types of architectural infrastructures, such as hybrid, private, or public."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
 

Cons

"We want to incorporate management comments within GitHub, making it more like a product management tool. We haven't done that yet. Another change we're considering is migrating from GitHub to Azure DevOps, especially now that Microsoft has introduced it."
"I think it would be valuable to have more security. Some of the data is very open to everyone."
"The project management sector really needs some improvement for GitHub. I don't know if GitHub made sense for me as a project manager."
"The product must document the CI/CD process more."
"It is difficult to merge a code or restore it to an older version."
"We would like this solution to have a more user-friendly interface."
"I would want to see some form of code security scanning implemented."
"I would like to see more security where a plugin was available for us to update in relation to security."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
"The tool needs to improve its file systems. The product should also include a zero test feature."
 

Pricing and Cost Advice

"I use the free version of the tool."
"GitHub is an open-source application. It's free to use."
"The tool offers a free program. As you go, you can upgrade from the community version to the professional one. I believe it costs about ten dollars per person, per month."
"If there are only 10 people using a particular repository, then GitHub is free. But if we increase the number of users, we need to pay the normal charge for GitHub."
"We are currently paying nothing for GitHub."
"You don't have to pay for a license if you are using the free version."
"The licensing model from GitHub is very clear."
"We pay a licensing fee for GitHub, which could be cheaper."
"The pricing is reasonable if you're a large enterprise developing code. It's not super-expensive."
793,295 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company: 14%
Manufacturing Company: 12%
Financial Services Firm: 11%
Government: 7%

Financial Services Firm: 33%
Government: 10%
Manufacturing Company: 6%
Computer Software Company: 6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
There are several licensing models available for the product. The basic licensing model is free, and if you need to have technical support and such things, then it does cost something. You only nee...
What needs improvement with GitHub?
Speaking of what can be made better in a solution is a difficult topic to discuss because it is not just technology. The tool could improve in the area of artificial intelligence methods. Recently,...
What do you like most about Sonatype Nexus Firewall?
The product's network and intrusion protection features are valuable. It also has rules and compliance features for security.
What is your primary use case for Sonatype Nexus Firewall?
The product helps with vulnerability and security assessment. It also helps with assessment at the configuration level.
 

Also Known As

No data available
Sonatype Nexus Firewall, Nexus Firewall
 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
EDF, Tomitribe, Crosskey, Blackboard, Travel audience
Find out what your peers are saying about GitHub vs. Sonatype Repository Firewall and other solutions. Updated: July 2024.