Try our new research platform with insights from 80,000+ expert users

JFrog Xray vs Microsoft Defender Vulnerability Management comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024
 

Categories and Ranking

JFrog Xray
Ranking in Vulnerability Management
24th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
8
Ranking in other categories
Container Security (20th), Software Composition Analysis (SCA) (6th), Software Supply Chain Security (3rd)
Microsoft Defender Vulnerab...
Ranking in Vulnerability Management
18th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
7
Ranking in other categories
Advanced Threat Protection (ATP) (22nd), Microsoft Security Suite (24th), Risk-Based Vulnerability Management (7th)
 

Mindshare comparison

As of December 2024, in the Vulnerability Management category, the mindshare of JFrog Xray is 1.1%, up from 0.2% compared to the previous year. The mindshare of Microsoft Defender Vulnerability Management is 3.4%, up from 1.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Mokshi Pandita - PeerSpot reviewer
An intelligent solution that prioritizes which vulnerability to target first in your project
We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.
René-SylvainBédard - PeerSpot reviewer
The vulnerability assessment is very accurate because it runs directly into the vulnerability database
I have three years of experience with Microsoft Defender and Office 365 for eleven years. My company operates as a shop for Microsoft products, and we have always stayed with Microsoft. We intend to displace the competition when my company enters a new client environment. I have dealt with customers who were using Carbon Black and SentinelOne. My company's customers switched work from their previous products to Microsoft because the tools they were using were power-hungry solutions, which had an impact on production. Microsoft Office 365's premium licenses have many built-in services, which our customers used to use from some other products. With Microsoft products, there is no need for our company's customers to pay extra for licensing charges. The major difference between Carbon Black and Microsoft Defender Vulnerability Management revolves around areas like stability and integration capabilities within the operating systems, which are strong in Microsoft, especially compared to any of its competitors. The actual depth of knowledge that the platform offers is good because Microsoft has been very rigorous in documenting every single vulnerability that exists for its platform. Microsoft has the most complete list of vulnerabilities for its platform.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."
"The solution is stable and reliable."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."
"One valuable feature is the Microsoft Security Scorecard."
"The recommendations, scores, and steps to remediate actions are highly useful."
"The solution is highly scalable."
"The solution is up-to-date and helps prevent zero-day attacks."
"The most valuable aspect is the kind of assessment results I get, and the recommendations provided in Microsoft products really help in taking care of the resources."
"The solution helps identify threats and vulnerabilities."
"The product's stability is very high...The scalability of the product is amazing."
"The product’s most valuable features are compliance, recommendations, and inventories."
 

Cons

"JFrog Xray does not have a dashboard."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"JFrog Xray's documentation and error logging could be improved."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"Lacks deeper reporting, the ability to compare things."
"The out-of-the-box PostgreSQL provided is not stable, which is why we are considering enterprise support."
"The technical support takes too much time to resolve tickets."
"Integration can be improved."
"The automated remediations can be more specific."
"It is challenging to extract and customize reports from the system."
"The general support could be improved."
"The setup phase of the product is not that easy and needs a person to have a certain level of expertise."
"The constant changes in the product configuration or the console setup can sometimes be challenging."
 

Pricing and Cost Advice

Information not available
"The tool is a bit costly."
"The product’s pricing is medium."
"I rate the product's price a three on a scale of one to ten, where one is a low price, and ten is a high price."
"The licensing costs are reasonable."
"The licensing model follows a per-user per-month structure."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
824,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
24%
Manufacturing Company
14%
Computer Software Company
12%
Government
5%
Computer Software Company
13%
Financial Services Firm
12%
Government
10%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about JFrog Xray?
JFrog Xray shows us a list of vulnerabilities that can impact our code.
What needs improvement with JFrog Xray?
X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL. More support during troubleshooting sessions would also be beneficial.
What is your primary use case for JFrog Xray?
Our primary use case for X-ray includes multiple activities such as security and vulnerability scanning. We already use Black Duck for these purposes, and we are evaluating how JFrog Xray can offer...
What is your experience regarding pricing and costs for Microsoft Defender Vulnerability Management?
The licensing costs are reasonable. While the solution is not the cheapest, it is competitively priced and aligns with the industry average. There are no significant additional costs beyond the sta...
What needs improvement with Microsoft Defender Vulnerability Management?
The constant changes in the product configuration or the console setup can sometimes be challenging. They can be disruptive because we need to adjust to these changes, which can interfere with ongo...
 

Also Known As

JFrog Security Essentials
No data available
 

Learn More

 

Overview

 

Sample Customers

google, amazon, cisco, netflix, oracle, vmware, facebook
Information Not Available
Find out what your peers are saying about JFrog Xray vs. Microsoft Defender Vulnerability Management and other solutions. Updated: December 2024.
824,053 professionals have used our research since 2012.