No more typing reviews! Try our Samantha, our new voice AI agent.

JFrog Xray vs XM Cyber comparison

JFrog and XM Cyber are both solutions in the Vulnerability Management category. JFrog is ranked #39 with an average rating of 7.0, while XM Cyber is ranked #34 with an average rating of 8.3. JFrog holds a 1.4% mindshare in VM, compared to XM Cyber’s 1.0% mindshare. Additionally, 90% of JFrog users are willing to recommend the solution, compared to 100% of XM Cyber users who would recommend it.
JFrog Xray
Read 10 JFrog Xray reviews
  • 7,980 Views
  • 1,995 Comparison Views
90% willing to recommend
XM Cyber
Read 6 XM Cyber reviews
  • 3,320 Views
  • 1,461 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

JFrog Xray and XM Cyber both operate in the security solutions sector. It appears that XM Cyber has an advantage due to its comprehensive feature set, though JFrog Xray is favored for its pricing and support.

Features: JFrog Xray offers robust vulnerability scanning, dependency detection, and integration with development tools. XM Cyber focuses on attack simulation, threat analysis, and proactive security measures.

Room for Improvement: JFrog Xray could improve its deployment complexity, overall user interface, and integration flexibility. XM Cyber might enhance the clarity of its pricing model, expand its support channels, and streamline some advanced feature configurations.

Ease of Deployment and Customer Service: XM Cyber offers easy deployment with a cloud-based option and strong support. JFrog Xray requires more configuration, relying on its documentation and support resources.

Pricing and ROI: JFrog Xray provides a cost-effective pricing model with a solid ROI through vulnerability management. XM Cyber, with a higher price, promises greater long-term ROI given its comprehensive capabilities in threat detection.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed JFrog Xray vs. XM Cyber Report (Updated: March 2026).
Buyer's Guide
JFrog Xray vs. XM Cyber
March 2026
Download the complete report
Helped 885,311 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
3.5
JFrog Xray improved efficiency, security, and compliance, reduced downtime, and sped up release cycles with enhanced vulnerability detection and reporting.
Sentiment score
6.0
XM Cyber improves efficiency, cutting vulnerability management labor, saving money, and enhancing risk management with superior risk tracking capabilities.
No quotes available
For more quotes and insights, download the JFrog Xray report
There was a specific issue that our other security tooling did not pick up, but XM Cyber did.
Stephen Owen
Group CISO at a insurance company with 51-200 employees
It's reduced the timescale to remediate vulnerabilities that are identified as representing a high risk.
John Meakin
Chief Information Security Officer at a financial services firm with 5,001-10,000 employees
For more quotes and insights, download the XM Cyber report
 

Customer Service

Sentiment score
4.0
JFrog Xray's customer service is generally well-received, with positive technical support, though not all users engage directly.
Sentiment score
6.2
XM Cyber's customer service is highly rated for responsiveness and effectiveness, with some minor improvement suggested by a user.
When we need clarifications, we contact our account manager, and they arrange demos.
Vinod Bhupathiraju
Development Senior at a financial services firm with 5,001-10,000 employees
On a scale of 1 to 10, I would rate the technical support of JFrog Xray an eight because they are very knowledgeable.
reviewer2757060
DevSecOps Engineer at a tech services company with 501-1,000 employees
For more quotes and insights, download the JFrog Xray report
The customer support is fantastic; it's probably some of the best we've received across all our security vendors.
Stephen Owen
Group CISO at a insurance company with 51-200 employees
Customer support for XM Cyber is good, responsive, and it follows up on issues.
John Meakin
Chief Information Security Officer at a financial services firm with 5,001-10,000 employees
For more quotes and insights, download the XM Cyber report
VB
reviewer2757060 - PeerSpot reviewerStephen Owen - PeerSpot reviewer
JM
 

Scalability Issues

Sentiment score
6.8
JFrog Xray is scalable and suitable for multiple applications, despite PostgreSQL limitations and some performance challenges.
Sentiment score
7.3
XM Cyber provides scalable, reliable solutions with easy licensing and deployment, receiving high ratings and responsive partner support.
According to my use case, it is highly scalable.
Anand Nanwana
DevOps Engineer at Syvora
For more quotes and insights, download the JFrog Xray report
Its scalability is great; it's easy to deploy and fully scalable.
Jerome Monot
IT Security manager at a tech services company with 10,001+ employees
We have not experienced any issues with scalability or reached its limits.
Stephen Owen
Group CISO at a insurance company with 51-200 employees
For more quotes and insights, download the XM Cyber report
Anand Nanwana - PeerSpot reviewer
JM
Stephen Owen - PeerSpot reviewer
 

Stability Issues

Sentiment score
7.6
JFrog Xray is praised for stability and security, compared favorably to competitors, with minor concerns about PostgreSQL support.
Sentiment score
8.0
XM Cyber is highly stable, quickly addressing minor issues, ensuring reliable and consistent performance in complex environments.
I use JFrog Xray primarily for security purposes, and I find it reliable.
Anand Nanwana
DevOps Engineer at Syvora
We did experience crashes, downtimes, and performance issues with JFrog Xray.
reviewer2757060
DevSecOps Engineer at a tech services company with 501-1,000 employees
For more quotes and insights, download the JFrog Xray report
We have quite a complex and large IT estate, and we've certainly experienced no limitations or problems arising from the ability of XM Cyber's product to scale across that estate.
John Meakin
Chief Information Security Officer at a financial services firm with 5,001-10,000 employees
For more quotes and insights, download the XM Cyber report
Anand Nanwana - PeerSpot reviewerreviewer2757060 - PeerSpot reviewer
JM
 

Room For Improvement

Users demand better reporting, documentation, UI, site performance, API limits, custom reports, vulnerability management, and integration support.
XM Cyber should enhance mobile access, AI integration, support, visualization, tool compatibility, vulnerability detection, pricing, and advanced analytics.
When we have given a very long tag, it doesn't work as expected and requires excessive scrolling.
Anand Nanwana
DevOps Engineer at Syvora
somehow you need to adapt your GitLab pipeline and turn them into JFrog pipeline, and this is something they don't really advertise at first—you're obliged to use the JFrog CLI.
reviewer2757060
DevSecOps Engineer at a tech services company with 501-1,000 employees
X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL.
Vinod Bhupathiraju
Development Senior at a financial services firm with 5,001-10,000 employees
For more quotes and insights, download the JFrog Xray report
We push the boundaries with digital twins; I understand XM Cyber uses a similar concept of graph databases to map environments.
Stephen Owen
Group CISO at a insurance company with 51-200 employees
They could improve support because when we need to create a super case and escalate to resolve with technical support, they resolve our ticket in approximately two weeks.
Amelia Torres Medrano
Chief Information Security Officer at Prezero
The part that can be improved is the mobile exposure and the IBM i specific equipment.
Jerome Monot
IT Security manager at a tech services company with 10,001+ employees
For more quotes and insights, download the XM Cyber report
Anand Nanwana - PeerSpot reviewerreviewer2757060 - PeerSpot reviewer
VB
Stephen Owen - PeerSpot reviewerAmelia Torres Medrano - PeerSpot reviewer
JM
 

Valuable Features

JFrog Xray offers deep scanning, seamless integration with Artifactory, robust vulnerabilities management, flexible deployment, and attractive pricing.
XM Cyber enhances security by simulating attacks, assessing risks, identifying vulnerabilities, and optimizing asset protection with metrics and cost savings.
The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features.
Vinod Bhupathiraju
Development Senior at a financial services firm with 5,001-10,000 employees
The policy-driven approach of JFrog Xray helped me maintain security standards by integrating it in the development pipeline.
reviewer2757060
DevSecOps Engineer at a tech services company with 501-1,000 employees
With other registries such as ECR, we can use the images only in the AWS cloud. With JFrog, we can use this registry from any cloud or work locally as well.
Anand Nanwana
DevOps Engineer at Syvora
For more quotes and insights, download the JFrog Xray report
Our loss exposure amount has reduced significantly, leading to two big wins: our loss exposure amount has gone down, and we have direct savings from focusing our team's time on what's important, allowing them to work on other business benefits and generate value for the company.
Stephen Owen
Group CISO at a insurance company with 51-200 employees
By far, the best feature of XM Cyber is being able to map out the way vulnerabilities can be exploited based on what they call the choke points in the network where the path that a bad actor would take comes closest to assets within our environment that are most vulnerable but also most valuable.
John Meakin
Chief Information Security Officer at a financial services firm with 5,001-10,000 employees
XM Cyber allows us to quantify the risk, and we are able to track remediation, so we can quantify the risk at an executive level and also to a technical IT team.
Jerome Monot
IT Security manager at a tech services company with 10,001+ employees
For more quotes and insights, download the XM Cyber report
VB
reviewer2757060 - PeerSpot reviewerAnand Nanwana - PeerSpot reviewerStephen Owen - PeerSpot reviewer
JM
JM
 

Categories and Ranking

JFrog Xray
Ranking in Vulnerability Management
39th
Average Rating
7.8
Reviews Sentiment
6.3
Number of Reviews
10
Ranking in other categories
Container Security (14th), Software Composition Analysis (SCA) (5th), Software Supply Chain Security (2nd)
XM Cyber
Ranking in Vulnerability Management
34th
Average Rating
8.2
Reviews Sentiment
6.9
Number of Reviews
6
Ranking in other categories
Continuous Controls Monitoring (3rd), Cloud Security Posture Management (CSPM) (26th), Continuous Threat Exposure Management (CTEM) (4th)
 

Mindshare comparison

As of March 2026, in the Vulnerability Management category, the mindshare of JFrog Xray is 1.4%, down from 1.6% compared to the previous year. The mindshare of XM Cyber is 1.0%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
XM Cyber1.0%
JFrog Xray1.4%
Other97.6%
Vulnerability Management
 

Featured Reviews

Anand Nanwana - PeerSpot reviewer
Anand Nanwana
DevOps Engineer at Syvora
Offers flexibility across clouds and easy credential management while interface improvements are needed
For JFrog Xray, the Artifactory and package repositories are valuable features. There are many benefits from JFrog Xray. For example, with other registries such as ECR, we can use the images only in the AWS cloud. With JFrog, we can use this registry from any cloud or work locally as well. JFrog can support multiple packages, such as NuGet package, pip, and other technologies. It can be used for Terraform as well. The credential management is very easy in JFrog. For instance, when using GitHub action as a CI/CD tool, I just need to create a token and set up JFrog CLI there and give access to the repository. With multiple repositories, I can generate a token for a specific repository, add that token in the GitHub secret, fetch from the CI/CD, run the command JFrog CLI, and authenticate through the token. Then we can push the images into JFrog.
Read full review
Stephen Owen - PeerSpot reviewer
Stephen Owen
Group CISO at a insurance company with 51-200 employees
Has significantly improved risk visibility and optimized remediation efforts across dynamic environments
We tightly integrate with APIs, consuming feeds and open source data. We have integrated with XM Cyber, and we are elevating ourselves with AI and MCP tools as we view this as a forerunner to reducing the workload for our agents and IT staff. We're pushing all our security partners to provide AI and MCP tools. Our vision is for them to offer a chat interface where a junior IT or an experienced infrastructure engineer can ask for what needs to be patched next without using an interface. Their current interface is very usable and professional, ranking in the top tier of applications. Their reporting is good, offering custom reports, and their API integration is a new capability that serves us well. We have high expectations for the next generation, such as a chat interface to ask questions. However, everything has been very good. We push the boundaries with digital twins; I understand XM Cyber uses a similar concept of graph databases to map environments. I would like access to that and querying languages, enabling more informed business decisions. XM Cyber sees much of our estate, which is beneficial for making informed decisions, and we can harness those insights and data for business analytics. For instance, it could help us gain insights into change management—if a particular server impacts another and that server is supported by yet another server, we could glean significant insights for change management meetings.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
885,311 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
25%
Manufacturing Company
11%
Computer Software Company
9%
Government
5%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
8%
Retailer
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise3
Large Enterprise6
No data available
 

Questions from the Community

What do you like most about JFrog Xray?
JFrog Xray shows us a list of vulnerabilities that can impact our code.
See all answers
What needs improvement with JFrog Xray?
I would assess the integration of JFrog Xray with CI/CD tools as the weak point. You have two means to do that: one is using the API, or the other is using the command line from JFrog. That part is...
See all answers
What is your primary use case for JFrog Xray?
For JFrog Xray product, you can use it for two main goals: compliance and security. You can use it to check if your licenses are compliant, and you can check if your dependencies you want to use ar...
See all answers
What is your experience regarding pricing and costs for XM Cyber?
My experience with pricing, setup cost, and licensing was that we have a large, complicated estate, and in the licensing discussions, we were keen not to have the cost balloon because of the compli...
See all answers
What needs improvement with XM Cyber?
The roadmap is a disadvantage because this kind of technology should incorporate AI. At the moment, we don't have any modules with AI. They could improve support because when we need to create a su...
See all answers
What is your primary use case for XM Cyber?
My major use case for XM Cyber is managing the services in our company, Prosegur Iberia, for Spain and Portugal. We develop and work together with XM Cyber technicians to develop use cases and anal...
See all answers
 

Comparisons

Trivy vs JFrog Xray Logo
Trivy vs JFrog Xray
Compared 10% of the time
Black Duck SCA vs JFrog Xray Logo
Black Duck SCA vs JFrog Xray
Compared 7% of the time
Sonatype Lifecycle vs JFrog Xray Logo
Sonatype Lifecycle vs JFrog Xray
Compared 6% of the time
Snyk vs JFrog Xray Logo
Snyk vs JFrog Xray
Compared 5% of the time
Wiz vs JFrog Xray Logo
Wiz vs JFrog Xray
Compared 5% of the time
More JFrog Xray Competitors
Pentera vs XM Cyber Logo
Pentera vs XM Cyber
Compared 10% of the time
Cymulate vs XM Cyber Logo
Cymulate vs XM Cyber
Compared 9% of the time
Wiz vs XM Cyber Logo
Wiz vs XM Cyber
Compared 8% of the time
Microsoft Security Exposure Management vs XM Cyber Logo
Microsoft Security Exposure Management vs XM Cyber
Compared 6% of the time
AttackIQ vs XM Cyber Logo
AttackIQ vs XM Cyber
Compared 5% of the time
More XM Cyber Competitors
 

Product Reports

Buyer's Guide
JFrog Xray
March 2026
JFrog Xray reportDownload JFrog Xray product report
Buyer's Guide
XM Cyber
March 2026
XM Cyber reportDownload XM Cyber product report
 

Also Known As

JFrog Security Essentials
No data available
 

Overview

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

If you are a team player and you care and you play to WIN, we have just the job you're looking for.

As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

JFrog

XM Cyber is a leading hybrid cloud security company that’s changing the way innovative organizations approach cyber risk. Our attack path management platform continuously uncovers hidden attack paths to your critical assets across cloud and on-prem environments, so you can cut them off at key junctures and eradicate risk with a fraction of the effort. This overcomes the big disconnect that security teams experience when they’re presented with endless alerts, yet can’t see which exposures impact risk the most, how they come together to be exploited by an attacker, or how to efficiently eliminate them. This approach is a complete game-changer, which is why some of the world’s largest, most complex organizations choose XM Cyber to help eradicate risk. Founded by top executives from the Israeli cyber intelligence community, XM Cyber has offices in North America, Europe, and Israel.

XM Cyber
 

Sample Customers

google, amazon, cisco, netflix, oracle, vmware, facebook
Hamburg Port Authority, Plymouth Rock Corporation
Buyer's Guide
JFrog Xray vs. XM Cyber
March 2026
Free Report: JFrog Xray vs. XM Cyber
Find out what your peers are saying about JFrog Xray vs. XM Cyber and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
See our JFrog Xray vs. XM Cyber report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.