Try our new research platform with insights from 80,000+ expert users

CAST Highlight vs JFrog Xray comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 5, 2024
 

Categories and Ranking

CAST Highlight
Ranking in Software Composition Analysis (SCA)
9th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
6
Ranking in other categories
No ranking in other categories
JFrog Xray
Ranking in Software Composition Analysis (SCA)
6th
Average Rating
8.2
Number of Reviews
7
Ranking in other categories
Vulnerability Management (22nd), Container Security (19th), Software Supply Chain Security (3rd)
 

Mindshare comparison

As of November 2024, in the Software Composition Analysis (SCA) category, the mindshare of CAST Highlight is 1.0%, up from 0.8% compared to the previous year. The mindshare of JFrog Xray is 10.1%, up from 9.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA)
 

Featured Reviews

Chris Van Poele - PeerSpot reviewer
Jul 30, 2024
Offers efficient portfolio management through enhanced application insights
I have used CAST Highlight in combination with application portfolio management, application lifecycle management, going cloud-ready, and other applications. My main occupation involves software completion analysis and working with various solutions like firewalls and storage One of the…
Mokshi Pandita - PeerSpot reviewer
Jun 1, 2023
An intelligent solution that prioritizes which vulnerability to target first in your project
We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It offers good performance."
"CAST Highlight is easy to use and has a good dashboard."
"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."
"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."
"The most valuable features of CAST Highlight are automation and speed."
"CAST Highlight provides a clear overview of the role portfolio and allows users to assess the overall quality of the environment. Users can see where improvements are needed and follow up on trends of the application."
"The solution is stable and reliable."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"Good reporting functionalities."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
 

Cons

"The ease of configuration and customization could be improved in CAST Highlight."
"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."
"There could be potential improvements or additional features added to CAST Highlight to make it better."
"There's a bit of a learning curve at the outset."
"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."
"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."
"JFrog Xray does not have a dashboard."
"JFrog Xray's documentation and error logging could be improved."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"Lacks deeper reporting, the ability to compare things."
 

Pricing and Cost Advice

"CAST Highlight is an expensive solution."
"Basic support is included with the standard licensing feed but it can be upgraded for an additional cost."
"It is a pretty costly tool. A lot of customers are resistant to using it."
"CAST Highlight is an expensive solution. However, CAST Highlight is less expensive than the CAST AIP, but it remains too expensive and the professional services from CAST are also too expensive. The high price is part of the problem with the CAST solutions."
Information not available
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
814,649 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
21%
Computer Software Company
18%
Insurance Company
10%
Manufacturing Company
9%
Financial Services Firm
24%
Manufacturing Company
15%
Computer Software Company
13%
Government
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about CAST Highlight?
The most valuable features of CAST Highlight are automation and speed.
What is your experience regarding pricing and costs for CAST Highlight?
CAST Highlight is an expensive solution. On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing an eight or nine out of ten.
What needs improvement with CAST Highlight?
The ease of configuration and customization could be improved in CAST Highlight.
What do you like most about JFrog Xray?
JFrog Xray shows us a list of vulnerabilities that can impact our code.
What needs improvement with JFrog Xray?
There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefor...
What is your primary use case for JFrog Xray?
We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which integrates with Xray-like plugins. We can automatically plug this tool into Xray to co...
 

Comparisons

 

Also Known As

No data available
JFrog Security Essentials
 

Learn More

 

Overview

 

Sample Customers

Wells Fargo, Bank of NY Mellon, Northern Trust, Microsoft, Amazon, IBM, BMW, AT&T, US Army, US Air Force, US Navy, John Hancock, Marsh & McLennan, Ernst & Young, PwC, Volkswagen, Boston Consulting Group, London Stock Exchange, Telefonica, Saur France, Total Energies France, SNCF
google, amazon, cisco, netflix, oracle, vmware, facebook
Find out what your peers are saying about CAST Highlight vs. JFrog Xray and other solutions. Updated: October 2024.
814,649 professionals have used our research since 2012.