We performed a comparison between GitHub and Sonatype Repository Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The Projects Tab, which shows you the todo list and the progress for projects, is very helpful."
"The initial setup was easy."
"GitHub provides good time reduction and this is what I value the most."
"The control is the most valuable feature as developers can work on a single code."
"GitHub is good for collaboration because everyone can access it or we can restrict access to a few users. If I upload a file and share the URL, it's not restricted to a set number of users. Everyone with the link can download the files."
"GitHub's version control is valuable."
"If you want to share documents, you can create articles and diagrams with GitHub and share."
"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available; a lot of the engineers find it easier to use."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"The project management sector really needs some improvement for GitHub. I don't know if GitHub made sense for me as a project manager."
"The support team needs to have a well-defined SLA model since it is an area where the tool currently has some shortcomings."
"The merging features can be improved."
"The solution needs some more controls for deleting code."
"The only thing I see missing in GitHub is that it isn't very user friendly for key personnel who don't have in-depth, technical knowledge. In Jira, there are many functions to upload our test cases, and in GitHub we can only do it manually. There are functions which can be used to upload different files, but that still requires some technical knowledge. A layman cannot do it."
"I would like to see more security where a plugin was available for us to update in relation to security."
"If it had all of the end-to-end integration, then we probably wouldn't have any doubts about what we have installed. However, at this point, we're still trying to figure out how to use it end-to-end."
"The initial setup requires heavy documentation which can be challenging for new developers."
"The tool needs to improve its file systems. The product should also include zero test feature."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
GitHub is ranked 9th in Application Security Tools with 74 reviews while Sonatype Repository Firewall is ranked 35th in Application Security Tools with 3 reviews. GitHub is rated 8.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". GitHub is most compared with Snyk, AWS CodeCommit, Fortify on Demand, Bitbucket and Bitbucket Server, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, Black Duck, Sonatype Lifecycle and Veracode. See our GitHub vs. Sonatype Repository Firewall report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.