Try our new research platform with insights from 80,000+ expert users

JFrog Xray vs SUSE NeuVector comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 16, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SentinelOne Singularity Clo...
Sponsored
Ranking in Container Security
2nd
Average Rating
8.8
Reviews Sentiment
7.9
Number of Reviews
107
Ranking in other categories
Vulnerability Management (6th), Cloud and Data Center Security (5th), Cloud Workload Protection Platforms (CWPP) (4th), Cloud Security Posture Management (CSPM) (3rd), Cloud-Native Application Protection Platforms (CNAPP) (3rd), Compliance Management (3rd)
JFrog Xray
Ranking in Container Security
19th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
8
Ranking in other categories
Vulnerability Management (25th), Software Composition Analysis (SCA) (6th), Software Supply Chain Security (3rd)
SUSE NeuVector
Ranking in Container Security
21st
Average Rating
7.8
Reviews Sentiment
7.3
Number of Reviews
8
Ranking in other categories
Cloud Workload Protection Platforms (CWPP) (18th)
 

Mindshare comparison

As of March 2025, in the Container Security category, the mindshare of SentinelOne Singularity Cloud Security is 2.1%, up from 1.1% compared to the previous year. The mindshare of JFrog Xray is 4.8%, up from 2.5% compared to the previous year. The mindshare of SUSE NeuVector is 3.4%, down from 4.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Container Security
 

Featured Reviews

Andrew W - PeerSpot reviewer
Tells us about vulnerabilities as well as their impact and helps to focus on real issues
Looking at all the different pieces, it has got everything we need. Some of the pieces we do not even use. For example, we do not have Kubernetes Security. We are not running any K8 clusters, so it is good for us. Overall, we find the solution to be fantastic. There can be additional education components. This may not be truly fair to them because of what the product is going for, but it would be great to see additional education for compliance. It is not a criticism of the tool per se, but anything to help non-development resources understand some of the complexities of the cloud is always appreciated. Any additional educational resources are always helpful for security teams, especially those without a development background.
Mokshi Pandita - PeerSpot reviewer
An intelligent solution that prioritizes which vulnerability to target first in your project
We could create any number of repositories, but we can create only thirty projects with JFrog Xray. If I want things to work, it has to be one project and multiple repositories that belong to different real projects. So I have a limitation of thirty projects, despite being a premium customer. JFrog Xray does not have a dashboard. Although I am able to generate reports, there is no proper dashboard where I can see the total number of vulnerabilities, the total number of license issues, and how many vulnerabilities are fixed. Second, I found the shift left approach missing with JFrog Xray. JFrog Xray has integration with IDEs, but it does not tell you about the vulnerabilities until the artifact is created. However, Snyk could directly integrate with your repository and would not allow you to build unless you fix the problem.
Danie Joubert - PeerSpot reviewer
Good value for money; great for policy management
Our model of deployment for this solution is on-premises. For people looking into this solution and trying to use it for the first time, I'd say make your life easier by using the SUSE product as well on top of your community scale stack. That makes your integration points a lot easier and smoother. I would also say during your initial setup, make sure that your clusters are already in terms of the capabilities with the version required. I would rate this solution an eight, on a scale from one to 10, with one being the worst and 10 being the best. The reason for this rating is that what they offer is solid, but they could expand their service and add more features just to make more things integrated into an enterprise itself.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The agentless vulnerability scanning is great."
"Cloud Native Security offers attack path analysis."
"Cloud Native Security's evidence-based reporting allows us to prioritize issues by understanding their impact, helping us resolve the most important problems first."
"The most valuable features of PingSafe are cloud misconfiguration, Kubernetes, and IaC scanning."
"The mean time to detect has been reduced."
"All the features we use are equal and get the job done."
"Cloud Security has provided a single view to observe all workloads, prioritization for handling cloud assets, and reduced noise by distinguishing false positives effectively."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"The most valuable features of JFrog Xray are its curation capabilities, its native integration with Artifactory, scanning for vulnerabilities, and license compliance features."
"Good reporting functionalities."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"The most valuable feature of SUSE NeuVector is its run-time security."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"The solution includes many features, not only for container and client security but also for scanning nodes, networks, and vulnerabilities."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"When it comes to the price, we got a really good deal from the vendor instantly."
"The solution includes many features, not only for container and client security but also for scanning nodes, networks, and vulnerabilities."
"The initial setup is quite good, it's straightforward."
"The features of image scanning and anti-malware are really valuable."
 

Cons

"SentinelOne Singularity Cloud Security has limited legacy system support and may not fully support older operating systems or legacy environments."
"Implementing single sign-on requires a pre-class account feature, which is currently not available."
"One potential drawback is the cost of SentinelOne Singularity Cloud Security, which may be prohibitive for smaller businesses or startups, particularly those in regions with lower average incomes, such as India."
"The Kubernetes scanning on the Oracle Cloud needs to be improved. It's on the roadmap. AWS has this capability, but it's unavailable for Oracle Cloud."
"We don't get any notifications from PingSafe when the clusters are down."
"We are experiencing problems with Cloud Native Security reporting."
"They can add more widgets to its dashboard. A centralized dashboard with numerous metrics would improve user understanding."
"The documentation that I use for the initial setup can be more detailed or written in a more user-friendly language to avoid troubles."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"JFrog Xray's documentation and error logging could be improved."
"Lacks deeper reporting, the ability to compare things."
"JFrog Xray does not have a dashboard."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"The out-of-the-box PostgreSQL provided is not stable, which is why we are considering enterprise support."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."
"However, I found that the support in Egypt was not very qualified, and there was a need to upgrade to a higher support layer to solve my issues."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
"Using a node port instead of a cluster IP is less ideal when implementing federation features between two clusters and could be improved."
"The image-scanning features need improvement."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
 

Pricing and Cost Advice

"Its pricing is okay. It is in line with what other providers were providing. It is not cheap. It is not expensive."
"As a partner, we receive a discount on the licenses."
"SentinelOne is relatively cheap. If ten is the most expensive, I would rate it a seven."
"It was reasonable pricing for me."
"I am not involved in the pricing, but it is cost-effective."
"SentinelOne offers excellent pricing and licensing options."
"It's a fair price for what you get. We are happy with the price as it stands."
"It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
Information not available
"SUSE NeuVector is an open-source solution."
"The solution's pricing could be better. The cost of a subscription is calculated on the basis of work."
"Licensing fees are paid yearly."
"The price of SUSE NeuVector is low. There is an additional cost for support."
report
Use our free recommendation engine to learn which Container Security solutions are best for your needs.
842,651 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
16%
Manufacturing Company
9%
Government
5%
Financial Services Firm
26%
Manufacturing Company
13%
Computer Software Company
12%
Government
5%
Computer Software Company
19%
Financial Services Firm
15%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PingSafe?
The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best featu...
What is your experience regarding pricing and costs for PingSafe?
It is cost-effective compared to other solutions in the market.
What needs improvement with PingSafe?
In version 2, a lot of rules have been deployed for Kubernetes security and CDR, which makes a lot of issues of criti...
What do you like most about JFrog Xray?
JFrog Xray shows us a list of vulnerabilities that can impact our code.
What needs improvement with JFrog Xray?
X-ray needs improvement in supporting more than one database, as it currently only supports PostgreSQL. More support ...
What is your primary use case for JFrog Xray?
Our primary use case for X-ray includes multiple activities such as security and vulnerability scanning. We already u...
What do you like most about NeuVector?
The most valuable feature of SUSE NeuVector is its run-time security.
What is your experience regarding pricing and costs for NeuVector?
SUSE NeuVector is an open-source solution. You have to pay for the support.
What needs improvement with NeuVector?
One area for improvement is NeuVector's ability to import CVEs from different sources. Additionally, using a node por...
 

Also Known As

PingSafe
JFrog Security Essentials
NeuVector
 

Overview

 

Sample Customers

Information Not Available
google, amazon, cisco, netflix, oracle, vmware, facebook
Figo, Clear Review, Arvato Bertelsmann, Experian, Chime
Find out what your peers are saying about JFrog Xray vs. SUSE NeuVector and other solutions. Updated: March 2025.
842,651 professionals have used our research since 2012.