IT Central Station is now PeerSpot: Here's why

JFrog Xray vs Sonatype Nexus Firewall comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Buyer's Guide
Software Composition Analysis (SCA)
July 2022
Find out what your peers are saying about Snyk, GitLab, Mend and others in Software Composition Analysis (SCA). Updated: July 2022.
620,319 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Good reporting functionalities."

More JFrog Xray Pros →

"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."

More Sonatype Nexus Firewall Pros →

Cons
"Lacks deeper reporting, the ability to compare things."

More JFrog Xray Cons →

"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."

More Sonatype Nexus Firewall Cons →

Pricing and Cost Advice
Information Not Available
  • "The pricing is reasonable if you're a large enterprise developing code. It's not super-expensive."
  • More Sonatype Nexus Firewall Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
    620,319 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:Good reporting functionalities.
    Top Answer:I'd like to see deeper reporting, they're pretty basic and there are no categories for comparing things. I'd also like to see an improvement with the documentation, there's not much available on their… more »
    Top Answer:I'm using this solution for scanning artifacts related to the Jfrog Artifactory. I'm scanning them, checking licenses and things like that. I'm a DevOps engineer intern and we are customers of JFrog.
    Top Answer:Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you.
    Top Answer:The pricing is reasonable if you're a large enterprise developing code. It's not super-expensive. There are no costs in addition to the standard fees.
    Top Answer:With the security concerns around open source, the management and vulnerability scanning, it's relatively new. In today's world more and more people are going through the open source arena and… more »
    Ranking
    Views
    6,112
    Comparisons
    5,070
    Reviews
    1
    Average Words per Review
    211
    Rating
    8.0
    Views
    1,510
    Comparisons
    753
    Reviews
    2
    Average Words per Review
    1,355
    Rating
    8.5
    Comparisons
    Also Known As
    Nexus Firewall
    Learn More
    Overview

    JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

    If you are a team player and you care and you play to WIN, we have just the job you're looking for.

    As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

    Nexus Firewall is a perimeter quality control for software development. Similar to a network firewall, it leverages rules you define that automatically shield you from unacceptable software components entering and another set for stopping them from exiting your application development.

    Offer
    Try it Now

    Enjoy a free DevOps platform cloud subscription

    Learn more about Sonatype Nexus Firewall
    Sample Customers
    google, amazon, cisco, netflix, oracle, vmware, facebook
    EDF, Tomitribe, Crosskey, Blackboard, Travel audience
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company22%
    Financial Services Firm19%
    Comms Service Provider10%
    Manufacturing Company7%
    VISITORS READING REVIEWS
    Computer Software Company23%
    Financial Services Firm17%
    Comms Service Provider13%
    Government9%
    Company Size
    VISITORS READING REVIEWS
    Small Business13%
    Midsize Enterprise13%
    Large Enterprise74%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise11%
    Large Enterprise69%
    Buyer's Guide
    Software Composition Analysis (SCA)
    July 2022
    Find out what your peers are saying about Snyk, GitLab, Mend and others in Software Composition Analysis (SCA). Updated: July 2022.
    620,319 professionals have used our research since 2012.

    JFrog Xray is ranked 9th in Software Composition Analysis (SCA) with 1 review while Sonatype Nexus Firewall is ranked 8th in Software Composition Analysis (SCA) with 2 reviews. JFrog Xray is rated 8.0, while Sonatype Nexus Firewall is rated 8.6. The top reviewer of JFrog Xray writes "Stable, scalable and offers great reporting functionalities". On the other hand, the top reviewer of Sonatype Nexus Firewall writes "Significantly decreases our time to market for secure apps by automating open source approval". JFrog Xray is most compared with Black Duck, Snyk, Sonatype Nexus Lifecycle, Fortify Static Code Analyzer and Checkmarx Software Composition Analysis, whereas Sonatype Nexus Firewall is most compared with Black Duck, SonarQube, Snyk, Cisco ASA Firewall and Mend.

    See our list of best Software Composition Analysis (SCA) vendors.

    We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.