Try our new research platform with insights from 80,000+ expert users

Sonatype Repository Firewall vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Sonatype Repository Firewall
Ranking in Application Security Tools
31st
Average Rating
8.2
Reviews Sentiment
7.0
Number of Reviews
4
Ranking in other categories
Software Composition Analysis (SCA) (15th)
Tenable.io Web Application ...
Ranking in Application Security Tools
19th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of Sonatype Repository Firewall is 0.5%, up from 0.3% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.3%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Ashish Shukla - PeerSpot reviewer
You will get clean code every time, and that's a great achievement
For the QA team, it's a really good tool. For those who are not on the QA team, it is also a good tool to use for SDL in the SDLC. It plays a very critical role of doing the automatic quality check recommendation. Meaning, when using this tool, people can easily rectify the issues in the environment itself, instead of going to a higher environment and identifying them. This tool is quite easy to use and learn. We decided that there was no need to hire anyone new who would specialize in this. We had a team of about five to ten people who learned how to use this tool. There are some other automation tools like Jenkins, for example, that require a lot of effort to configure and write out the code, but you do not need to do such for this tool. I thought outside of the box and saw that there are many options available to us when using this tool. The plugins are there, you can download and use the tool at ease and you do not need to do any kind of development. Overall, it’s quite easy to use.
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The customer service is fantastic."
"The firewall is the only solution that supports Nexus Repository."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"It is fully automated."
"Tenable.io Web Application Scanning provides a detailed report, identifying functions that are complex and need to be more maintainable and readable."
"Tenable provides the end analysis results covering all the published vulnerabilities and information on the market."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"We can get detailed information about vulnerabilities."
"Now that the license is centralized, it's a significant feature to manipulate assets based on their functions."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
 

Cons

"The tool needs to improve its file systems. The product should also include zero test feature."
"There are several features lacking in the current offering, particularly concerning container support and AI packages."
"There are several features lacking in the current offering, particularly concerning container support and AI packages, like humming phase support."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
"The solution's dashboards could be improved and made more user-friendly."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"It isn't easy to manage vulnerabilities in Tenable."
"The report customization needs to be better."
"It would be great if there were a dashboard that is more user-friendly."
"Sometimes it lags with different cloud environments."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"The market is standard for vulnerability scanning, however, the posture can be improved through Tenable's prioritization engine."
 

Pricing and Cost Advice

"The pricing is reasonable if you're a large enterprise developing code. It's not super-expensive."
"The pricing is okay."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"I rate the product's pricing a four out of ten."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"Tenable.io Web Application Scanning is expensive for small businesses."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
861,803 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
24%
Government
11%
Insurance Company
11%
University
8%
Financial Services Firm
14%
Computer Software Company
13%
Government
10%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Sonatype Nexus Firewall?
Also, I consider it average. Some people might consider it expensive, however, since it supports many beautiful features, I would say it is worth it.
What is your primary use case for Sonatype Nexus Firewall?
Many companies, including ours, use Nexus Repository due to concerns about malware and critical vulnerabilities. There should be a specific method to prevent malicious packages from entering the in...
What advice do you have for others considering Sonatype Nexus Firewall?
I would give the solution eight out of ten. I would look at the comparison of Sonatype to some other firewalls. There is room for improvement, especially mentioning container support and AI packages.
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

Sonatype Nexus Firewall, Nexus Firewall
No data available
 

Overview

 

Sample Customers

EDF, Tomitribe, Crosskey, Blackboard, Travel audience
IMDEX
Find out what your peers are saying about Sonatype Repository Firewall vs. Tenable.io Web Application Scanning and other solutions. Updated: July 2025.
861,803 professionals have used our research since 2012.