We performed a comparison between GitLab and JFrog Xray based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Key features allow creation of well-presented Wiki that includes ideas, development, and domains."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"Of all available products, it was the easiest to use and easy to install."
"The solution's service delivery model is fantastic."
"It is scalable."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"For us, Gitlab's most valuable feature is the integration with Cypress. We're using Cypress as an automation tool, so we're using GitLab as a tool for running in parallel."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"The solution is stable and reliable."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"Good reporting functionalities."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"We would like to have easier tutorials. Their tutorials are too technical for a user to understand. They should be more detailed but less technical."
"The documentation could be improved to help newcomers better understand things like creating new branches."
"It can be free for commercial use."
"GitLab can improve by integrating with more tools, such as servers with Docker."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"Merge conflicts and repository maintenance could improve. If there is someone new to the system they would not know if there is a conflict."
"There is a need to improve or adopt AI into the ecosystem like a co-pilot, which Microsoft has done with GitHub."
"JFrog Xray's documentation and error logging could be improved."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
"Lacks deeper reporting, the ability to compare things."
"JFrog Xray does not have a dashboard."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
GitLab is ranked 6th in Software Composition Analysis (SCA) with 70 reviews while JFrog Xray is ranked 7th in Software Composition Analysis (SCA) with 7 reviews. GitLab is rated 8.6, while JFrog Xray is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton, whereas JFrog Xray is most compared with Black Duck, Snyk, Veracode, Mend.io and Amazon Inspector. See our GitLab vs. JFrog Xray report.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.