• Home
  • CoreOS Clair vs. JFrog Xray

CoreOS Clair vs JFrog Xray comparison

Cancel
You must select at least 2 products to compare!
SentinelOne Logo
SentinelOne Singularity Cloud Security
Read 77 SentinelOne Singularity Cloud Security reviews
1,647 views|542 comparisons
98% willing to recommend
Red Hat Logo
CoreOS Clair
Read 1 CoreOS Clair review
697 views|552 comparisons
100% willing to recommend
JFrog Logo
JFrog Xray
Read 7 JFrog Xray reviews
2,370 views|1,784 comparisons
100% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Container Security
June 2024
Executive Summary

We performed a comparison between CoreOS Clair and JFrog Xray based on real PeerSpot user reviews.

Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security.
To learn more, read our detailed Container Security Report (Updated: June 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Ritesh P.
It's more scalable and flexible than our previous solution because we don't need to install any agents
Before PingSafe, we couldn't identify all of the hidden vulnerabilities on the endpoints. A manual approach was insufficient because we weren't... Read more →
Anonymous User
Excellent detection accuracy
Narendra-Singh
Useful dependencies hierarchy view and scales well
JFrog Xray has helped us improve our architecture.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Cloud Native Security offers attack path analysis.""The most valuable features of PingSafe are the asset inventory and issue indexing.""The real-time detection and response capabilities overall are great.""I did a lot of research before signing up and doing the demo. They have a good reputation as far as catching threats early on.""We use the infrastructure as code scanning, which is good.""The tool identifies issues quickly.""The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console.""We liked the search bar in PingSafe. It is a global search. We were able to get some insights from there."

More SentinelOne Singularity Cloud Security Pros →

"CoreOS Clair's best feature is detection accuracy."

More CoreOS Clair Pros →

"The most valuable feature of JFrog Xray is the display of the entire internal dependencies hierarchy.""I would say that this solution has helped our organization by allowing us to automate a lot of the processes.""If multiple dependencies and vulnerabilities are found in a project, JFrog Xray is intelligent enough to tell you which vulnerability to target first.""The solution is stable and reliable.""JFrog Xray shows us a list of vulnerabilities that can impact our code.""Good reporting functionalities.""JFrog Xray's reporting feature has a lot of options in it, including scanning."

More JFrog Xray Pros →

Cons
"Maybe container runtime security could be improved.""When we get a new finding from PingSafe, I wish we could get an alert in the console, so we can work on it before we see it in the report. It would be very useful for the team that is actively working on the PingSafe platform, so we can close the issue the same day before it appears in the daily report.""We are experiencing problems with Cloud Native Security reporting.""Some of the navigation and some aspects of the portal may be a little bit confusing.""In some cases, the rules are strictly enforced but do not align with real-world use cases.""The could improve their mean time to detect.""One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to.""Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."

More SentinelOne Singularity Cloud Security Cons →

"An area for improvement is that CoreOS Clair doesn't provide information about the location of vulnerabilities it detects."

More CoreOS Clair Cons →

"JFrog Xray's documentation and error logging could be improved.""Lacks deeper reporting, the ability to compare things.""Since we have been using the solution via APIs, there are some limitations in the APIs.""The speed of JFrog Xray should improve. Other solutions have better performance.""I think that the user interface should be expanded to provide customers with a better dashboard for reviewing their feedback regarding their images and the vulnerabilities that are associated with the images.""Reporting is crucial, but it is lacking in the current tool. Every organization seeks specific data points rather than general information. Therefore, we require customized reports from the Xray tool.""JFrog Xray does not have a dashboard."

More JFrog Xray Cons →

Pricing and Cost Advice
  • "As a partner, we receive a discount on the licenses."
  • "It's a fair price for what you get. We are happy with the price as it stands."
  • "I wasn't sure what to expect from the pricing, but I was pleasantly surprised to find that it was a little less than I thought."
  • "Singularity Cloud Workload Security's pricing is good."
  • "Singularity Cloud Workload Security's licensing and price were cheaper than the other solutions we looked at."
  • "I understand that SentinelOne is a market leader, but the bill we received was astronomical."
  • "It's not expensive. The product is in its initial growth stages and appears more competitive compared to others. It comes in different variants, and I believe the enterprise version costs around $55 per user per year. I would rate it a five, somewhere fairly moderate."
  • "The pricing is fair. It is not inexpensive, and it is also not expensive. When managing a large organization, it is going to be costly, but it meets the business needs. In terms of what is out there on the market, it is fair and comparable to what I have seen, so I do not have any complaints about the cost"

    • More SentinelOne Singularity Cloud Security Pricing and Cost Advice →

  • "CoreOS Clair is open-source and free of charge."

    • More CoreOS Clair Pricing and Cost Advice →

    Information Not Available
    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about PingSafe?
    Top Answer:The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best… more »
    Read all 44 answers   →
    What is your experience regarding pricing and costs for PingSafe?
    Top Answer:I'm not aware of the exact pricing.
    Read all 31 answers   →
    What needs improvement with PingSafe?
    Top Answer:When I joined my organization, I saw that PingSafe was already implemented. I started to use the tool's alerting… more »
    Read all 44 answers   →
    What do you like most about CoreOS Clair?
    Top Answer:CoreOS Clair's best feature is detection accuracy.
    What is your experience regarding pricing and costs for CoreOS Clair?
    Top Answer:CoreOS Clair is open-source and free of charge.
    What needs improvement with CoreOS Clair?
    Top Answer:An area for improvement is that CoreOS Clair doesn't provide information about the location of vulnerabilities it… more »
    What do you like most about JFrog Xray?
    Top Answer:JFrog Xray shows us a list of vulnerabilities that can impact our code.
    Read all 5 answers   →
    What needs improvement with JFrog Xray?
    Top Answer:There is a tool called DefectDojo for reporting. Reporting is crucial, but it is lacking in the current tool. Every… more »
    Read all 5 answers   →
    What is your primary use case for JFrog Xray?
    Top Answer:We use this solution to identify vulnerabilities in the dependency file. We have the Artifactory package which… more »
    Read all 5 answers   →
    Comparisons
    Also Known As
    PingSafe
    JFrog Security Essentials
    Learn More
    SentinelOne
    Red Hat
    JFrog
    Overview

    Singularity Cloud Security is SentinelOne’s comprehensive, cloud-native application protection platform (CNAPP). It combines the best of agentless insights with AI-powered threat protection, to secure and protect your multi-cloud infrastructure, services, and containers from build time to runtime. SentinelOne’s CNAPP applies an attacker’s mindset to help security practitioners better prioritize their  remediation tasks with evidence-backed Verified Exploit Paths™. The efficient and scalable runtime protection, proven over 5 years and trusted by many of the world’s leading cloud enterprises, harnesses local, autonomous AI engines to detect and thwart runtime threats in real-time. CNAPP data and workload telemetry is recorded to SentinelOne’s unified security lake, for easy access and investigation.

    Singularity Cloud Security includes both agentless and AI-powered cloud security controls, which represent two halves of our strategy to keep public cloud and container environments safe. Radically reduce your cloud attack surface with Singularity Cloud Native Security, formerly PingSafe, with agentless insights and evidence-based prioritization; protect runtime compute and container with Singularity Cloud Workload Security, SentinelOne’s real-time CWPP, with AI-powered machine-speed blocking of threats.

    Clair is an open source project for the static analysis of vulnerabilities in appc and docker containers.

    Vulnerability data is continuously imported from a known set of sources and correlated with the indexed contents of container images in order to produce lists of vulnerabilities that threaten a container. When vulnerability data changes upstream, the previous state and new state of the vulnerability along with the images they affect can be sent via webhook to a configured endpoint. All major components can be customized programmatically at compile-time without forking the project.

    JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime. The world’s top brands such as Amazon, Facebook, Google, Netflix, Uber, VMware, and Spotify are among the 4500 companies that already depend on JFrog to manage binaries for their mission-critical applications. JFrog is a privately-held, global company, and is a proud sponsor of the Cloud Native Computing Foundation [CNCF].

    If you are a team player and you care and you play to WIN, we have just the job you're looking for.

    As we say at JFrog: "Once You Leap Forward You Won't Go Back!"​

    Sample Customers
    Information Not Available
    eBay, Veritas, Verizon, SalesForce
    google, amazon, cisco, netflix, oracle, vmware, facebook
    Top Industries
    REVIEWERS
    Computer Software Company27%
    Construction Company13%
    Financial Services Firm10%
    Insurance Company8%
    VISITORS READING REVIEWS
    Computer Software Company21%
    Financial Services Firm15%
    Manufacturing Company10%
    Insurance Company4%
    VISITORS READING REVIEWS
    Financial Services Firm19%
    Computer Software Company14%
    Manufacturing Company14%
    Government7%
    VISITORS READING REVIEWS
    Financial Services Firm24%
    Manufacturing Company15%
    Computer Software Company12%
    Insurance Company5%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise20%
    Large Enterprise41%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise13%
    Large Enterprise61%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise9%
    Large Enterprise74%
    REVIEWERS
    Midsize Enterprise29%
    Large Enterprise71%
    VISITORS READING REVIEWS
    Small Business14%
    Midsize Enterprise10%
    Large Enterprise76%
    Buyer's Guide
    Container Security
    June 2024
    Download Free Report
    Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security. Updated: June 2024.
    DOWNLOAD NOW
    772,679 professionals have used our research since 2012.

    CoreOS Clair is ranked 26th in Container Security with 1 review while JFrog Xray is ranked 19th in Container Security with 7 reviews. CoreOS Clair is rated 8.0, while JFrog Xray is rated 8.2. The top reviewer of CoreOS Clair writes "Excellent detection accuracy". On the other hand, the top reviewer of JFrog Xray writes "An intelligent solution that prioritizes which vulnerability to target first in your project". CoreOS Clair is most compared with Red Hat Advanced Cluster Security for Kubernetes, Snyk, Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform and Qualys VMDR, whereas JFrog Xray is most compared with Black Duck, Snyk, Mend.io and Veracode.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.