FOSSA vs. Sonatype Vulnerability Scanner

FOSSA

2 Reviews and Ratings

Sonatype Vulnerability Scanner

Sonatype Vulnerability Scanner

1 Reviews and Ratings

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
FOSSA	Score 2.0 out of 10	N/A	FOSSA is a software composition analysis tool that continuously scans for open-source components and tracks dependencies and license compliance.	N/A
Sonatype Vulnerability Scanner	Score 9.1 out of 10	N/A	Sonatype Vulnerability Scanner (formerly DepShield) discovers vulnerability among open source components and code in an application. It is available free and open source.	$0

Pricing

FOSSA

Sonatype Vulnerability Scanner

Editions & Modules

No answers on this topic

No answers on this topic

Offerings

Pricing Offerings
FOSSA	Sonatype Vulnerability Scanner
Free Trial
No	Yes
Free/Freemium Version
No	Yes
Premium Consulting/Integration Services
No	No

Entry-level Setup Fee

No setup fee

No setup fee

Additional Details

—

—

More Pricing Information

Community Pulse
	FOSSA	Sonatype Vulnerability Scanner
Top Pros	Pro Automated emails	No answers on this topic

Best Alternatives
	FOSSA	Sonatype Vulnerability Scanner
Small Businesses	No answers on this topic	No answers on this topic
Medium-sized Companies	Veracode Score 8.5 out of 10	Veracode Score 8.5 out of 10
Enterprises	Veracode Score 8.5 out of 10	Veracode Score 8.5 out of 10
All Alternatives	View all alternatives	View all alternatives

User Ratings
	FOSSA	Sonatype Vulnerability Scanner
Likelihood to Recommend	5.0 (1 ratings)	9.1 (1 ratings)
Support Rating	10.0 (1 ratings)	- (0 ratings)

User Testimonials
	FOSSA	Sonatype Vulnerability Scanner
Likelihood to Recommend	FOSSA The only issue we have had is sometimes the web app is too slow, and that causes issues with us wanting to continue to use FOSSA over going with another tool. That is the only problem. I noticed it happened more recently, but if that is solved now or will be solved, I would 100% recommend this tool to anyone! Incentivized Verified User Anonymous Read full review	Sonatype Well suited for organizations with small application security team as the solution scales and is easy for devs to use. The only choice if you develop in Java as their data is the most accurate. Incentivized Verified User Anonymous Read full review
Pros	FOSSA Setup of tool. Speed of scans. Automated emails with reports. Incentivized Verified User Anonymous Read full review	Sonatype No answers on this topic
Cons	FOSSA Interface for loading results can be slow, this is the #1 issue we have faced. Speed of scans could be improved. Incentivized Verified User Anonymous Read full review	Sonatype No answers on this topic
Support Rating	FOSSA Never needed support but the chat and help seem forefront of the app! Incentivized Verified User Anonymous Read full review	Sonatype No answers on this topic
Alternatives Considered	FOSSA BlackDuck and Synk Incentivized Verified User Anonymous Read full review	Sonatype No answers on this topic
Return on Investment	FOSSA Hard to measure the ROI, but no doubt having licenses be above board is fantastic for protection of your software. Caused developers to make more informed decisions. Incentivized Verified User Anonymous Read full review	Sonatype No answers on this topic
ScreenShots