TrustRadius
Overview
ProductRatingMost Used ByProduct SummaryStarting Price
FOSSA
Score 2.0 out of 10
N/A
FOSSA is a software composition analysis tool that continuously scans for open-source components and tracks dependencies and license compliance.N/A
Metasploit
Score 9.0 out of 10
N/A
Metasploit is open source network security software described by Rapid7 as the world’s most used penetration testing framework, designed to help security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness.N/A
Sonatype Vulnerability Scanner
Score 9.1 out of 10
N/A
Sonatype Vulnerability Scanner (formerly DepShield) discovers vulnerability among open source components and code in an application. It is available free and open source.
$0
Pricing
FOSSAMetasploitSonatype Vulnerability Scanner
Editions & Modules
No answers on this topic
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
FOSSAMetasploitSonatype Vulnerability Scanner
Free Trial
NoNoYes
Free/Freemium Version
NoNoYes
Premium Consulting/Integration Services
NoNoNo
Entry-level Setup FeeNo setup feeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
FOSSAMetasploitSonatype Vulnerability Scanner
Best Alternatives
FOSSAMetasploitSonatype Vulnerability Scanner
Small Businesses

No answers on this topic

No answers on this topic

No answers on this topic

Medium-sized Companies
Veracode
Veracode
Score 8.8 out of 10
Veracode
Veracode
Score 8.8 out of 10
Veracode
Veracode
Score 8.8 out of 10
Enterprises
Veracode
Veracode
Score 8.8 out of 10
Veracode
Veracode
Score 8.8 out of 10
Veracode
Veracode
Score 8.8 out of 10
All AlternativesView all alternativesView all alternativesView all alternatives
User Ratings
FOSSAMetasploitSonatype Vulnerability Scanner
Likelihood to Recommend
5.0
(1 ratings)
10.0
(5 ratings)
9.1
(1 ratings)
Support Rating
10.0
(1 ratings)
7.0
(1 ratings)
-
(0 ratings)
User Testimonials
FOSSAMetasploitSonatype Vulnerability Scanner
Likelihood to Recommend
FOSSA
The only issue we have had is sometimes the web app is too slow, and that causes issues with us wanting to continue to use FOSSA over going with another tool. That is the only problem. I noticed it happened more recently, but if that is solved now or will be solved, I would 100% recommend this tool to anyone!
Verified User
Anonymous
Read full review
Rapid7
It is easy to use with sufficient documentation on how to use the tools for end users or newbies. Experienced testers will find it easy to customise and configure the test cases. Just wished that I could have taken up a course on using this tool in my study days so that I could had explored more and improved my familiarity with the tool, unlike when working where access and time to explore the other features of the tool is limited
Verified User
Anonymous
Read full review
Sonatype
Well suited for organizations with small application security team as the solution scales and is easy for devs to use. The only choice if you develop in Java as their data is the most accurate.
Verified User
Anonymous
Read full review
Pros
FOSSA
  • Setup of tool.
  • Speed of scans.
  • Automated emails with reports.
Verified User
Anonymous
Read full review
Rapid7
  • Easy to use.
  • Many exploits available.
  • Multi-platform.
Omar Israel Sánchez Monroy | TrustRadius Reviewer
Omar Israel Sánchez Monroy
Auditor de Seguridad de la Información
Read full review
Sonatype
No answers on this topic
Cons
FOSSA
  • Interface for loading results can be slow, this is the #1 issue we have faced.
  • Speed of scans could be improved.
Verified User
Anonymous
Read full review
Rapid7
  • More robust menus
  • Better plugin inter-operation
Alan Matson, CCNA:S, MCP | TrustRadius Reviewer
Alan Matson, CCNA:S, MCP
Senior Network Security Engineer
Read full review
Sonatype
No answers on this topic
Support Rating
FOSSA
Never needed support but the chat and help seem forefront of the app!
Verified User
Anonymous
Read full review
Rapid7
We don't use it.
Omar Israel Sánchez Monroy | TrustRadius Reviewer
Omar Israel Sánchez Monroy
Auditor de Seguridad de la Información
Read full review
Sonatype
No answers on this topic
Alternatives Considered
FOSSA
BlackDuck and Synk
Verified User
Anonymous
Read full review
Rapid7
Metasploit is the most well-known tool in the average pen tester's toolkit. It's hard to compare to its neighbor's due to its size and following.
Verified User
Anonymous
Read full review
Sonatype
No answers on this topic
Return on Investment
FOSSA
  • Hard to measure the ROI, but no doubt having licenses be above board is fantastic for protection of your software.
  • Caused developers to make more informed decisions.
Verified User
Anonymous
Read full review
Rapid7
  • Positive: Improves efficiency of our network penetration testing operations.
  • Positive: Allows for collaboration and information sharing during a penetration test.
Verified User
Anonymous
Read full review
Sonatype
No answers on this topic
ScreenShots