Black Duck Software Composition Analysis (SCA) vs. NGINX

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Black Duck Software Composition Analysis (SCA)
Score 10.0 out of 10
N/A
Black Duck is a software composition analysis tool acquired and now supported by Synopsys since 2017.N/A
NGINX
Score 9.1 out of 10
Enterprise companies (1,001+ employees)
NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure software products o tackle some of the biggest challenges in managing high-transaction applications. NGINX offers a suite of products to form the core of what organizations need to create…N/A
Pricing
Black Duck Software Composition Analysis (SCA)NGINX
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Black Duck Software Composition Analysis (SCA)NGINX
Free Trial
NoYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeOptionalOptional
Additional DetailsContact the Synopsys Software Integrity Group (SIG) Sales team at https://www.synopsys.com/software-integrity/contact-sales.html for more detailed pricing information.
More Pricing Information
Community Pulse
Black Duck Software Composition Analysis (SCA)NGINX
Considered Both Products
Black Duck Software Composition Analysis (SCA)
Chose Black Duck Software Composition Analysis (SCA)
Black Duck is an obvious choice, with its versatility, integration, best enterprise support and on top of the list the knowledge base Black Duck has.

Vega or Grabber also scans the application and tells about vulnerabilities. But it can never be compared with the feature set of …
Chose Black Duck Software Composition Analysis (SCA)
Black Duck had similar capabilities to other vendors in the industry but where they come out on top is their extensive catalog of known open source in their knowledge base.
NGINX
Chose NGINX
Evolution and coupling with F5

Evolución y acople con F5
Chose NGINX
HAProxy Community Edition, HAProxy Enterprise and NGINX Ingress Controller
Chose NGINX
We chose NGINX because, in our experience, NGINX is a Better product and does its core role
Chose NGINX
All of those are paid solutions with very good features, but they also offer dedicated scenarios for web application hosting. If you run applications on on-premises web servers and don't have a Microsoft licence agreement, Nginx is a very good and reliable option, based on …
Chose NGINX
NGINX its part of Modular Solution and can be used integrated with XC and BIG IP
Chose NGINX
In our organization, we use different solutions depending on if the database is on premise or in the cloud. We went from multiple solutions across different departments towards a more consolidated model to achieve standardization and economies of scale. We’ve mainly moved …
Chose NGINX
Apache AGE, Azure Front Door and F5 Distributed Cloud API Security
Chose NGINX
NGINX is more expensive than HA Proxy.
Chose NGINX
The support and ability to provide near zero downtime for changes is a winner. The lightweight engine also helps reduce cost.
Chose NGINX
Apache HTTP Server, Apache Tomcat and Microsoft IIS
Chose NGINX
Easy to Install and configure.
Pick the configuration dynamically without restarting
All the configurations at one place
Chose NGINX
NGINX is faster to deploy and it has minimal setup needs for our POCs over Apache Tomcat
Chose NGINX
How does it compare? We use Apache ATP server and we also use Tom Cat also owned by Apache, but both Apache, ATP, and MKA. They are relatively older than GX and so they're one problem for Apache and MKA they need more power, more memory, and more space.
Chose NGINX
NGINX have higher market share which obviously show to us it is the preferred choice of most of the customers. Both of platform competes in the Web and Application server areas, but due the security features of NGINX be more flexible this in my opinion makes more sense.
Chose NGINX
It is like comparing a formula 1 car against a regular street car in terms of performance or installation simplicity
Chose NGINX
Apache is a market leader but NGINX is new and has new features. Lightweight and can handle static requests. We use EC2 and I believe NGINX is more suited when it comes to scalability.
Chose NGINX
Imperva Web Application Firewall (WAF)
Features
Black Duck Software Composition Analysis (SCA)NGINX
Application Servers
Comparison of Application Servers features of Product A and Product B
Black Duck Software Composition Analysis (SCA)
-
Ratings
NGINX
8.8
Ratings
10% above category average
IDE support00 Ratings8.10 Ratings
Security management00 Ratings8.60 Ratings
Administration and management00 Ratings8.90 Ratings
Application server performance00 Ratings9.10 Ratings
Installation00 Ratings9.10 Ratings
Open-source standards compliance00 Ratings9.00 Ratings
Best Alternatives
Black Duck Software Composition Analysis (SCA)NGINX
Small Businesses

No answers on this topic

Apache HTTP Server
Apache HTTP Server
Score 9.1 out of 10
Medium-sized Companies
Veracode
Veracode
Score 8.7 out of 10
Apache Tomcat
Apache Tomcat
Score 7.9 out of 10
Enterprises
Veracode
Veracode
Score 8.7 out of 10
Apache Tomcat
Apache Tomcat
Score 7.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
Black Duck Software Composition Analysis (SCA)NGINX
Likelihood to Recommend
10.0
(0 ratings)
9.3
(0 ratings)
Likelihood to Renew
-
(0 ratings)
9.0
(0 ratings)
Usability
8.0
(0 ratings)
8.3
(0 ratings)
Support Rating
8.2
(0 ratings)
8.0
(0 ratings)
Implementation Rating
-
(0 ratings)
8.0
(0 ratings)
User Testimonials
Black Duck Software Composition Analysis (SCA)NGINX
Likelihood to Recommend
If you are using a lot of open-source libraries, which is most likely, this is a must-have to ensure no known vulnerabilities slip into production
Read full review
[NGINX] is very well suited for high performance. I have seen it used on servers with 1k current connections with no issues. Despite seeing it used in many environments I've never seen software developers use it over apache, express, IIS in local dev environments so it may be more difficult to setup. I've also seen it used to load balance again without issues.
Read full review
Pros
  • Vulnerability scans
  • Tracking of the problem
  • Alerting
Read full review
  • Straight-forward configuration format that users of all skill levels can learn, and yet is powerful enough for the huge breadth of features that Nginx provides.
  • Massive scale right out the box. We've never had a Nginx instance overwhelmed by requests, and if we did it would be trivial to spin up more Nginx instances to handle the load.
  • SSL termination means that we can deliver content over HTTPS without needing our individual services to require TLS support. This saves us a lot of time and headache while keeping us secure.
  • Nginx is open-source and free, meaning that anyone can use it to power their services, from individual projects to billion-dollar websites.
Read full review
Cons
  • Very slow.
  • Bad UX.
  • Outdated design.
  • Too expensive.
Read full review
  • Customer support can be strangely condescending, perhaps it's a language issue?
  • I find it a little weird how the release versions used for Nginx+ aren't the same as for open source version. It can be very confusing to determine the cross-compatibility of modules, etc., because of this.
  • It seems like some (most?) modules on their own site are ancient and no longer supported, so their documentation in this area needs work.
  • It's difficult to navigate between nginx.com commercial site and customer support. They need to be integrated together.
  • I'd love to see more work done on nginx+ monitoring without requiring logging every request. I understand that many statistics can only be derived from logs, but plenty should work without that. Logging is not an option in many environments.
Read full review
Likelihood to Renew
No answers on this topic
Great value for the product
Read full review
Usability
If you don’t know how to scan for the language, it isn’t entirely user friendly
Read full review
This tool is really easy to use and configure. Consumes very less system resources. It is highly modular and configurable. You can easily use it with other tools like certbot for SSLs. You can configure basic security with configuration and headers
Read full review
Support Rating
I have a very strong reason for the very best rating. Usually, Black Duck support is quick enough and they continuously keep me updated about the status if some issue is taking time for them to resolve. Overall, I am happy with the response I get from t customer care. I was planning an upgrade and I ran into an issue as the migrated Postgres database does not get identified by the new version of the hub. And all the projects, scans and the huge amount of work we put in comments under version are all lost. I immediately opened a case in the Black Duck customer portal. And in no time, I get a message back from the support for a quick WebEx session. And support was able to help me and my weekend was saved. Thank you for the quick support Black Duck. Appreciate it. I also have some questions on using Black Duck in an optimal way. I get helpful replies quick enough.
Read full review
Community support is great, and they've also had a presence at conferences. Overall, there is no shortage of documentation and community support. We're currently using it to serve up some WordPress sites, and configuring NGINX for this purpose is well documented.
Read full review
Alternatives Considered
Black Duck is an obvious choice, with its versatility, integration, best enterprise support and on top of the list the knowledge base Black Duck has. Vega or Grabber also scans the application and tells about vulnerabilities. But it can never be compared with the feature set of Black Duck. Black Duck can also generate reports.
Read full review
All of those are paid solutions with very good features, but they also offer dedicated scenarios for web application hosting. If you run applications on on-premises web servers and don't have a Microsoft licence agreement, Nginx is a very good and reliable option, based on Linux distributions and available as freeware.
Read full review
Return on Investment
  • It is hard to measure ROI since Black Duck Hub saves us from costly legal battles that have thankfully never had to happen.
Read full review
  • Our websites are noticeably faster, causing an increase in customer satisfaction.
  • Nginx has such a low memory/resource footprint that we save money from not needing multiple large, expensive servers.
  • Ability to load balance traffic, have server-redundancy, and have high-availability allows for 100% uptime and provides cost-effective solutions to alternatives that can cost a lot.
Read full review
ScreenShots

Black Duck Software Composition Analysis (SCA) Screenshots

Screenshot of Black Duck helps you find and fix your highest-priority vulnerabilitiesScreenshot of Use Black Duck to comply with open source license obligations and to verify compliance with all open source license  termsScreenshot of Black Duck automatically creates tickets in your activity tracking applications like Jira for both policy violations and vulnerabilitiesScreenshot of Black Duck's vulnerability ImpactAnalysis indicates whether a vulnerability is actually being called by your applicationScreenshot of The Black Duck security advisory gives the information you need to address security risks and make the fixScreenshot of Black Duck generates a Bill of Materials which gives you a complete and detailed inventory of all open source identified in your codebase

NGINX Screenshots

Screenshot of Overview of the NGINX Application PlatformScreenshot of NGINX Controller - MonitoringScreenshot of NGINX Controller - Configuration