We performed a comparison between GitLab and Sonatype Nexus Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Result: Based on the parameters we compared, Sonatype Nexus Firewall came out ahead of GitLab. Although both products have valuable features and can be estimated as high-end solutions, our reviewers found that GitLab's complexity is its main drawback, which some users find overwhelming and difficult to navigate.
"The solution makes the CI/CD pipelines easy to execute."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"GitLab is a solution for source code management, container registry, pipelines, testing, and deployment."
"GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"We're only using the basic features of GitLab and haven't used any advanced features. The solution works fine, so that's what we like about GitLab. We're party using GitHub and GitLab. We have a GitHub server, while we use GitLab locally or only within our team, and it works okay. We don't have any significant problems with the solution. We also found the straightforward setup, stability, and scalability of GitLab valuable."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"The most valuable feature of GitLab is the automatic merging of code."
"It is a speedy platform compared to the others I have used. I have also enjoyed using the platform as this solution offers a good user experience."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"I rate the support from GitLab a four out of five."
"GitLab's UI could be improved."
"I would like to have some features to support peer review."
"GitLab could improve by having more plugins and better user-friendliness."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"GitLab could add a plugin to integrate with Kubernetes stuff."
"The tool needs to improve its file systems. The product should also include zero test feature."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
GitLab is ranked 6th in Application Security Tools with 70 reviews while Sonatype Repository Firewall is ranked 35th in Application Security Tools with 3 reviews. GitLab is rated 8.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, Black Duck, GitHub and Snyk. See our GitLab vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.