We performed a comparison between GitLab and Sonatype Nexus Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Result: Based on the parameters we compared, Sonatype Nexus Firewall came out ahead of GitLab. Although both products have valuable features and can be estimated as high-end solutions, our reviewers found that GitLab's complexity is its main drawback, which some users find overwhelming and difficult to navigate.
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"GitLab's best features are continuous integration and fast deployment."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"I have had no problem with the stability of the solution."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"The most valuable feature of GitLab is the automatic merging of code."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"We would like to have easier tutorials. Their tutorials are too technical for a user to understand. They should be more detailed but less technical."
"Perhaps the integration could be better."
"We'd like to see better integration with the Atlassian ecosystem."
"Merge conflicts and repository maintenance could improve. If there is someone new to the system they would not know if there is a conflict."
"It would be better if there weren't any outages. There are occasions where we usually see a lot of outages using GitLab. It happens at least once a week or something like that. Whatever pipelines you're running, to check the logs, you need to have a different set of tools like Argus or something like that. If you have pipelines running on GitLab, you need a separate service deployed to view the logs, which is kind of a pain. If the logs can be used conveniently on GitLab, that would be definitely helpful. I'm not talking about the CI/CD pipelines but the back-end services and microservices deployed over GitLab. To view the logs for those microservices, you need to have separate log viewers, which is kind of a pain."
"I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities."
"I would like to have some features to support peer review."
"It could have more security integrations and the ability to check the vulnerability of the code. I don't think it is a responsibility of Gitlab, but it would be nice to have more options to integrate with."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
"The tool needs to improve its file systems. The product should also include zero test feature."
GitLab is ranked 7th in Application Security Tools with 70 reviews while Sonatype Repository Firewall is ranked 34th in Application Security Tools with 3 reviews. GitLab is rated 8.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, Black Duck, GitHub and Snyk. See our GitLab vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.