"Good reporting functionalities."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"Lacks deeper reporting, the ability to compare things."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].
If you are a team player and you care and you play to WIN, we have just the job you're looking for.
As we say at JFrog: "Once You Leap Forward You Won't Go Back!"
Nexus Firewall is a perimeter quality control for software development. Similar to a network firewall, it leverages rules you define that automatically shield you from unacceptable software components entering and another set for stopping them from exiting your application development.
Enjoy a free DevOps platform cloud subscription
JFrog Xray is ranked 9th in Software Composition Analysis (SCA) with 1 review while Sonatype Nexus Firewall is ranked 8th in Software Composition Analysis (SCA) with 2 reviews. JFrog Xray is rated 8.0, while Sonatype Nexus Firewall is rated 8.6. The top reviewer of JFrog Xray writes "Stable, scalable and offers great reporting functionalities". On the other hand, the top reviewer of Sonatype Nexus Firewall writes "Significantly decreases our time to market for secure apps by automating open source approval". JFrog Xray is most compared with Black Duck, Snyk, Sonatype Nexus Lifecycle, Fortify Static Code Analyzer and Checkmarx Software Composition Analysis, whereas Sonatype Nexus Firewall is most compared with Black Duck, SonarQube, Snyk, Cisco ASA Firewall and Mend.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.