Name: Review of FOSSA
Item: FOSSA
Rating: 4.1
Author: Verified Reviewer

Reviewed in Last 12 Months

How Alternatives Are Selected

1. Mend

By Mend.io

4.3

(115 Ratings)

Mend provides a mature platform with extensive coverage across SCA, SAST and container security which has helped improve visibility across our software supply chain. However, customer communication and out-of-date documentation has been a challenge.

Read all insights and reviews for Mend

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

2. Veracode

By Veracode

4.2

(17 Ratings)

It does what it says on the tin for supply chain security but it can be of a heavy lift to manage dat to day. Getting it integrated into Pipelines was fine, but we spend way too much time sifting through vuln reports for dev dependencies that dont actually reach production.

Read all insights and reviews for Veracode

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

3. Black Duck Software Composition Analysis

By Black Duck

(13 Ratings)

The design of the on-prem version of the platform is a bit dated. It required a considerable amount of the engineering effort to operate the platform.

Read all insights and reviews for Black Duck Software Composition Analysis

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

4. Snyk Open Source

By Snyk

4.2

(13 Ratings)

An excellent and highly accurate vulnerability analysis tool for third-party software using SCA, although it should be noted that the CLI still needs improvements to allow for real-time vulnerability monitoring. Additionally, the results and reports management lacks features for efficient results handling, as it currently only allows for individual modifications per result, not global ones.

Automated Translation from Spanish

Read all insights and reviews for Snyk Open Source

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

5. Tenable Cloud Security

By Tenable

4.7

(13 Ratings)

My experience has been very positive. The platform offers a comprehensive approach to vulnerability management and cloud security, allowing for rapid risk identification and prioritization of actions based on their impact. It's also important to mention the centralized visibility it provides across different environments, which greatly simplifies monitoring.

Automated Translation from Spanish

Read all insights and reviews for Tenable Cloud Security

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

6. Aikido Security

By Aikido Security

4.8

(13 Ratings)

We use many SAASes and I've personally selected and onboarded several of them. It's safe to say I'm by far and away happiest with the choice of Aikido out of all of them. The product is great and does everything we need, but the support is phenomenal, world class and makes it a joy to work with them.

Read all insights and reviews for Aikido Security

Where RapidFort Platform Scored Higher

Better at service and support

Compare with RapidFort Platform

Add to Compare

7. GitLab

By GitLab

4.3

(12 Ratings)

Transitioning to GitLab Ultimate has fundamentally shifted our posture from "reactive patching" to "proactive supply chain security". As an organisation heavily invested in the Google ecosystem, the ability to consolidate source code management, CI/CD and security scanning into a single platform has significantly reduced our operational overhead.

Read all insights and reviews for GitLab

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy
Better evaluation and contracting

Compare with RapidFort Platform

Add to Compare

8. Sonatype Nexus One Platform

By Sonatype

4.5

(11 Ratings)

We have had a very positive experience using Sonatype Nexus IQ as part of our enterprise application security program. The platform has helped us significantly strengthen our open source governance, improve visibility into third party risk, and integrate security controls directly into our DevSecOps pipelines. The policy engine is flexible and allows us to align with internal security standards while enabling development teams to move quickly. Reporting and component intelligence are mature and actionable. Overall, it has become a foundational part of our software supply chain security strategy.

Read all insights and reviews for Sonatype Nexus One Platform

Where RapidFort Platform Scored Higher

Better at service and support
Easier to integrate and deploy

Compare with RapidFort Platform

Add to Compare

Showing Result 1-8 of 34