Cisco Secure Firewall stands as a robust and adaptable security solution, catering to organizations of all sizes. It's designed to shield networks from a diverse array of cyber threats, such as ransomware, malware, and phishing attacks. Beyond mere protection, it also offers secure access to corporate resources, beneficial for employees, partners, and customers alike. One of its key functions includes network segmentation, which serves to isolate critical assets and minimize the risk of lateral movement within the network.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
Cisco devices are for sure costly and budget could be an important constrain on selecting them as our security solution.
I have to admit that the price is high. But I think it's worth it if the stability of your solution counts for you.
SonarQube is a self-managed open-source platform that helps developers create code devoid of quality and vulnerability issues. By integrating seamlessly with the top DevOps platforms in the Continuous Integration (CI) pipeline, SonarQube continuously inspects projects across multiple programming languages, providing immediate status feedback while coding. SonarQube’s quality gates become part of your release pipeline, displaying pass/fail results for new code based on quality profiles you customize to your company standards. Following Sonar’s Clean as You Code methodology guarantees that only software of the highest quality makes it to production.
This product is open source and very convenient.
This is open source.
This product is open source and very convenient.
This is open source.
Veracode is a leading application security platform that helps organizations to develop and deliver secure software. Veracode's solution provides comprehensive capabilities for static analysis, dynamic analysis, software composition analysis, and manual penetration testing.
Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background.
The pricing is pretty high.
Its complexity makes it quite expensive, but it’s all worth it, with all the engineering in the background.
The pricing is pretty high.
Checkmarx is a highly accurate and flexible static code analysis product that allows organizations to automatically scan uncompiled code and identify hundreds of security vulnerabilities in all major coding languages and software frameworks. Checkmarx is available as a standalone product and can be effectively integrated into the software development lifecycle (SDLC) to streamline vulnerability detection and remediation. Checkmarx is trusted by leading organizations such as SAP, Samsung, and Salesforce.com.
The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security.
I believe pricing is better compared to other commercial tools.
The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security.
I believe pricing is better compared to other commercial tools.
Users have expressed satisfaction with various aspects, highlighting its quality, functionality, and value for money. They appreciate its user-friendly interface and the convenience it offers.
Additionally, users have praised the prompt and helpful customer support provided. Some users have also mentioned the product's durability and reliability.
I think that we pay approximately $100 USD per month.
The price is okay.
I think that we pay approximately $100 USD per month.
The price is okay.
Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.
We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon
You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.
We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon
You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.
Black Duck is a comprehensive solution for managing security, license compliance, and code quality risks that come from the use of open source in applications and containers. Named a leader in software composition analysis (SCA) by Forrester, Black Duck gives you unmatched visibility into third-party code, enabling you to control it across your software supply chain and throughout the application life cycle.
Depending on the use case, the cost could range from $10,000 USD to $70,000 USD.
The price is quite high because the behavior of the software during the scan is similar to competing products.
Depending on the use case, the cost could range from $10,000 USD to $70,000 USD.
The price is quite high because the behavior of the software during the scan is similar to competing products.
Sonatype Lifecycle is an open-source security and dependency management software that uses only one tool to automatically find open-source vulnerabilities at every stage of the System Development Life Cycle (SDLC). Users can now minimize security vulnerabilities, permitting organizations to enhance development workflow. Sonatype Lifecycle gives the user complete control over their software supply chain, allowing them to regain wasted time fighting risks in the SDLC. In addition, this software unifies the ability to define rules, actions, and policies that work best for your organizations and teams.
Its pricing is competitive within the market. It's not very cheap, it's not very expensive.
We're pretty happy with the price, for what it is delivering for us and the value we're getting from it.
Its pricing is competitive within the market. It's not very cheap, it's not very expensive.
We're pretty happy with the price, for what it is delivering for us and the value we're getting from it.
Mend.io is a software composition analysis tool that secures what developers create. The solution provides an automated reduction of the software attack surface, reduces developer burdens, and accelerates app delivery. Mend.io provides open-source analysis with its in-house and other multiple sources of software vulnerabilities. In addition, the solution offers license and policy violation alerts, has great pipeline integration, and, since it is a SaaS (software as a service), it doesn’t require you to physically maintain servers or data centers for any implementation. Not only does Mend.io reduce enterprise application security risk, it also helps developers meet deadlines faster.
We are paying a lot of money to use WhiteSource. In our company, it is not easy to argue that it is worth the price.
The version that we are using, WhiteSource Bolt, is a free integration with Azure DevOps.
We are paying a lot of money to use WhiteSource. In our company, it is not easy to argue that it is worth the price.
The version that we are using, WhiteSource Bolt, is a free integration with Azure DevOps.
IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.
AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost.
With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level.
AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost.
With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level.
JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].
The private repositories are free, which is very good.
It is open-source. There is no license for GitHub.
The private repositories are free, which is very good.
It is open-source. There is no license for GitHub.
Some of the world’s leading companies use Waratek to patch, secure and upgrade their mission critical applications. Waratek is a pioneer in the next generation of application security solutions. Using patented technology, Waratek makes it easy for security teams to instantly patch known flaws with no downtime, protect their applications from known and Zero Day attacks, and virtually upgrade out-of-support Java applications – all without time consuming and expensive source code changes or unacceptable performance overhead.