We performed a comparison between GitLab and JFrog Xray based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Everything is easy to configure and easy to work with."
"The solution is stable."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"CI/CD and GitLab scanning are the most valuable features."
"It is scalable."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"I have found the most valuable feature is security control. I also like the branching and cloning software."
"GitLab is a solution for source code management, container registry, pipelines, testing, and deployment."
"If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first."
"JFrog Xray shows us a list of vulnerabilities that can impact our code."
"I would say that this solution has helped our organization by allowing us to automate a lot of the processes."
"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy."
"The solution is stable and reliable."
"JFrog Xray's reporting feature has a lot of options in it, including scanning."
"Good reporting functionalities."
"This solution could be improved by adding modifications such as slack notifications."
"We'd always like to see better pricing on the product."
"We'd like to see better integration with the Atlassian ecosystem."
"The solution does not have many built-in functions or variables so scripting is required."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"We would like to generate document pages from the sources."
"I rate the support from GitLab a four out of five."
"I would like more Agile features in the Premium version. The Premium version should have all Agile features that exist in the Ultimate version. IBM AOM has a complete Agile implementation, but in GitLab, you only have these features if you buy the Ultimate version. It would be good if we can use these in the Premium version."
"The speed of JFrog Xray should improve. Other solutions have better performance."
"I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images."
"JFrog Xray does not have a dashboard."
"JFrog Xray's documentation and error logging could be improved."
"Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool."
"Lacks deeper reporting, the ability to compare things."
"Since we have been using the solution via APIs, there are some limitations in the APIs."
GitLab is ranked 6th in Software Composition Analysis (SCA) with 70 reviews while JFrog Xray is ranked 7th in Software Composition Analysis (SCA) with 7 reviews. GitLab is rated 8.6, while JFrog Xray is rated 8.2. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton, whereas JFrog Xray is most compared with Black Duck, Snyk, Mend.io, Veracode and Amazon Inspector. See our GitLab vs. JFrog Xray report.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.