I'm using this solution for scanning artifacts related to the Jfrog Artifactory. I'm scanning them, checking licenses and things like that. I'm a DevOps engineer intern and we are customers of JFrog.
DevOps Engineer Intern at University of Nebraska at Omaha
Stable, scalable and offers great reporting functionalities
Pros and Cons
- "Good reporting functionalities."
- "Lacks deeper reporting, the ability to compare things."
What is our primary use case?
What is most valuable?
I would say the reporting functionalities are pretty good as are the policy watches. I like them a lot.
What needs improvement?
I'd like to see deeper reporting, they're pretty basic and there are no categories for comparing things. I'd also like to see an improvement with the documentation, there's not much available on their website.
For how long have I used the solution?
I've been using this solution for a couple of months.
Buyer's Guide
JFrog Xray
August 2025
Learn what your peers think about JFrog Xray. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
866,391 professionals have used our research since 2012.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
The solution is scalable.
How was the initial setup?
I wasn't involved in the setup but I heard from my team that they faced some issues although I don't know what they were. We had a great consultant working with us and they solved the problems.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Buyer's Guide
Download our free JFrog Xray Report and get advice and tips from experienced pros
sharing their opinions.
Updated: August 2025
Product Categories
Vulnerability Management Container Security Software Composition Analysis (SCA) Software Supply Chain SecurityPopular Comparisons
Microsoft Defender for Cloud
Prisma Cloud by Palo Alto Networks
GitLab
SentinelOne Singularity Cloud Security
Checkmarx One
Veracode
Qualys VMDR
Tenable Nessus
Tanium
Black Duck
CrowdStrike Falcon Cloud Security
Mend.io
Tenable Vulnerability Management
Buyer's Guide
Download our free JFrog Xray Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- Which is the best vulnerability scanner tool?
- What are your recommended automated penetration testing tools?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- Can you recommend API for Tenable Connector into ServiceNow
- What penetration testing tool (or tools) do you recommend for SMB/SME?
