We performed a comparison between JFrog Xray and Tufin Orchestration Suite based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."JFrog Xray shows us a list of vulnerabilities that can impact our code."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"The solution is stable and reliable."
"Good reporting functionalities."
"SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule."
"The best feature for me is being able to look up objects within all of our policies, because we have a little over 12,000 rules and over 30,000 objects. When one person says, 'Hey, where's my server?' I can just go to Tufin and say, 'Hey, where is that server?' and very quickly it tells you where it is, what policy it's on. That is a life saver."
"We can get reports with Tufin at anytime. We can have automated reports, even with security and compliance."
"The initial setup was straightforward."
"I had been impressed with the depth of capabilities within SecureTrack, particularly, in terms of generating insights for a user and firewall operator. With SecureTrack, I've been impressed with the level of flexibility with workflow design and its ability to generate different work streams and flows through the tool that are customized for our organization processes."
"Our engineers save quite a bit of time that was previously spent on manual processes."
"We've scaled it to hundreds of firewalls."
"The product streamlines our change management process."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"JFrog Xray's documentation and error logging could be improved."
"Lacks deeper reporting, the ability to compare things."
"JFrog Xray does not have a dashboard."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"The pricing of the solution is rather expensive."
"Currently, we have to get different data from different sections of the site. It would be nice if it was all combined into one."
"Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."
"I would like more enforcement. Right now. it's a lot of alerting. You see it in Tufin, but you have to go to Check Point or whatever device to make the actual action."
"I would like to see improved role-based access."
"We had a discussion in the Customer Advisory Board yesterday around use of SecureChange. We would like to have an opportunity for an engineer to choose if you want to make or take the policy which has been suggested by the designer functionality, making it more human readable or less human readable (more or less granular). This would be huge for the customers who are using SecureChange. They said this was one of their issues with it, especially for anything that was going into a regulator's or auditor's hands. The more human readable, the better that it would be, and this would definitely be applicable to our industry. It sounds like they are working on this issue, or they took the feedback, but that would be a big one for us in being able to make the jump to SecureChange."
"When it comes to web services, in my experience, Tomcat has always gone down; after a certain amount of load it breaks down and we have to get things restored again."
"I wish there was a read-only admin option. I don't like that you have to be a full admin just to see the Network Topology Map. That option is great out there if you are a user, multi-domain user, etc. However, that piece is very helpful for us, but I also don't want to be handing out admin access to every single person so they can see that network tab."
JFrog Xray is ranked 19th in Container Security with 7 reviews while Tufin Orchestration Suite is ranked 23rd in Container Security with 180 reviews. JFrog Xray is rated 8.2, while Tufin Orchestration Suite is rated 8.0. The top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". JFrog Xray is most compared with Black Duck, Snyk, Veracode, Mend.io and Trivy, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Skybox Security Suite, Palo Alto Networks Panorama and ManageEngine Firewall Analyzer. See our JFrog Xray vs. Tufin Orchestration Suite report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.