Try our new research platform with insights from 80,000+ expert users

FOSSA vs JFrog Xray comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Nov 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Room For Improvement

Sentiment score
4.5
FOSSA needs better distribution acknowledgments, snippet matching, security scanning, project organization, and improved triage, documentation, and usability.
Sentiment score
4.8
JFrog Xray needs improvements in documentation, UI, reporting, performance, vulnerability management, integration, APIs, and troubleshooting support.
X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL.
 

Customer Service

No sentiment score available
Sentiment score
7.0
JFrog Xray's customer service receives mixed reviews, with varying satisfaction in support response times and account manager interactions.
When we need clarifications, we contact our account manager, and they arrange demos.
 

Scalability Issues

No sentiment score available
Sentiment score
7.4
JFrog Xray is viewed as scalable, accommodating growth plans, despite some PostgreSQL constraints, and rates scalability 7-8/10.
 

Stability Issues

No sentiment score available
Sentiment score
8.2
JFrog Xray is praised for stability and performance, though its provided PostgreSQL is considered unstable, needing enterprise support.
 

Valuable Features

No sentiment score available
Sentiment score
8.0
JFrog Xray efficiently blocks vulnerabilities with policy watches, integrates with Artifactory, and excels in scanning and license compliance.
The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features.
 

Categories and Ranking

FOSSA
Ranking in Software Composition Analysis (SCA)
10th
Average Rating
8.6
Reviews Sentiment
7.9
Number of Reviews
15
Ranking in other categories
No ranking in other categories
JFrog Xray
Ranking in Software Composition Analysis (SCA)
6th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
8
Ranking in other categories
Vulnerability Management (22nd), Container Security (19th), Software Supply Chain Security (3rd)
 

Mindshare comparison

As of November 2024, in the Software Composition Analysis (SCA) category, the mindshare of FOSSA is 3.7%, down from 4.5% compared to the previous year. The mindshare of JFrog Xray is 10.1%, up from 9.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Software Composition Analysis (SCA)
 

Featured Reviews

Hanumanth Ramsetty - PeerSpot reviewer
Proactively mitigate deployment vulnerabilities with seamless dependency tracking
Before using FOSSA, we could only identify issues after deployment in the Cloud Run. Now, with FOSSA, we identify dependency issues or vulnerabilities during the CI phase itself. This proactive approach has eliminated the need to search the internet for solutions, as FOSSA provides updated recommendations automatically. This has made the process more efficient and mitigated risks before deployment.
Mokshi Pandita - PeerSpot reviewer
An intelligent solution that prioritizes which vulnerability to target first in your project
We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.
report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
816,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
28%
Computer Software Company
15%
Financial Services Firm
13%
Healthcare Company
6%
Financial Services Firm
24%
Manufacturing Company
15%
Computer Software Company
13%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about FOSSA?
I am impressed with the tool’s seamless integration and quick results.
What is your experience regarding pricing and costs for FOSSA?
The solution's pricing is good and reasonable because you can literally use a lot of it for free. You have to pay for the features you need, which I think is fair. If you want to get value for free...
What needs improvement with FOSSA?
FOSSA does not show the exact line of code with vulnerabilities, which adds time to the process as we have to locate these manually. Some other tools like Check Point or SonarQube provide exact lin...
What do you like most about JFrog Xray?
JFrog Xray shows us a list of vulnerabilities that can impact our code.
What needs improvement with JFrog Xray?
There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefor...
What is your primary use case for JFrog Xray?
We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which integrates with Xray-like plugins. We can automatically plug this tool into Xray to co...
 

Comparisons

 

Also Known As

No data available
JFrog Security Essentials
 

Learn More

Video not available
 

Overview

 

Sample Customers

AppDyanmic, Uber, Twitter, Zendesk, Confluent
google, amazon, cisco, netflix, oracle, vmware, facebook
Find out what your peers are saying about FOSSA vs. JFrog Xray and other solutions. Updated: October 2024.
816,406 professionals have used our research since 2012.