We performed a comparison between GitLab and Sonatype Nexus Firewall based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Result: Based on the parameters we compared, Sonatype Nexus Firewall came out ahead of GitLab. Although both products have valuable features and can be estimated as high-end solutions, our reviewers found that GitLab's complexity is its main drawback, which some users find overwhelming and difficult to navigate.
"This is a scalable solution. We had around 200 users working with it."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"It speeds up our development, it's faster, safer, and more convenient."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"It is very useful for reviews. We are using branch merging operations and full reset operations. It is also very useful for merging our code and tracking another branch. The graph diagrams of Git are very useful. Its interface is straightforward and not too complex for us."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"I'm new to GitLab, so I would appreciate more documentation about the code and commands."
"GitLab's Windows version is yet not available and having this would be an improvement."
"There was a problem with the build environment when we were looking at developing iOS applications. iOS build require Mac machines and there are no Mac machines provided by GitLab in their cloud. So to build for mobile iOS application, we needed to use our own Mac machine within our own infrastructure. If GitLab were to provide a feature such that an iOS application could also be built through GitLab directly, that would be great."
"Expand features to match other tools such as a static code analysis tool so third-party integrations are not required."
"I would like to have some features to support peer review."
"I would like configuration of a YML file to be done via UI rather than a code file."
"GitLab would be improved with the addition of templates for deployment on local PCs."
"The only thing our company is really waiting on in terms of features is the development of metrics."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
"The tool needs to improve its file systems. The product should also include zero test feature."
GitLab is ranked 6th in Application Security Tools with 70 reviews while Sonatype Repository Firewall is ranked 35th in Application Security Tools with 3 reviews. GitLab is rated 8.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, Black Duck, GitHub and Snyk. See our GitLab vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors and best Software Composition Analysis (SCA) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.