---
title: Dependency-Track Reviews
meta_title: 'Dependency-Track Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter reviews by the users' company size, role or industry to find
  out how Dependency-Track works for a business like yours.
aggregate_rating:
  rating_value: 4.3
  review_count: 4
  scale: '5'
date_modified: '2026-06-30'
parent_category:
  name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t"
  url: https://www.g2.com/categories/devsecops
---

# Dependency-Track Reviews
**Vendor:** OWASP  
**Category:** [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis)  
**Average Rating:** 4.3/5.0  
**Total Reviews:** 4
## About Dependency-Track
Dependency-Track is an intelligent Supply Chain Component Analysis platform that allows organizations to identify and reduce risk from the use of third-party and open source components. Dependency-Track takes a unique and highly beneficial approach by leveraging the capabilities of Software Bill of Materials (SBOM). This approach provides capabilities that traditional Software Composition Analysis (SCA) solutions cannot achieve. Dependency-Track monitors component usage across all versions of every application in its portfolio in order to proactively identify risk across an organization. The platform has an API-first design and is ideal for use in Continuous Integration (CI) and Continuous Delivery (CD) environments.



## Dependency-Track Pros & Cons
**What users like:**

- Users appreciate the **neat UI** of Dependency-Track, complemented by helpful side nav bars and illustrative dashboards. (1 reviews)
- Users appreciate the **neat UI and illustrative dashboards** of Dependency-Track, enhancing usability and integrating easily. (1 reviews)
- Users value the **neat UI** of Dependency-Track, finding the dashboards and integrations remarkably helpful for risk management. (1 reviews)
- Users appreciate the **neat UI with side nav bars and illustrative dashboards** , enhancing their overall experience. (1 reviews)

**What users dislike:**

- Users find the **limited cloud integration** frustrating, often needing to copy data to cooperate with teams efficiently. (1 reviews)

## Dependency-Track Reviews
  ### 1. An open source SCA with a Neat GUI but fails short of homerun

**Rating:** 3.0/5.0 stars

**Reviewed by:** Atanu M. | Security Consultant, Enterprise (> 1000 emp.)

**Reviewed Date:** September 29, 2024

**What do you like best about Dependency-Track?**

Its neat UI assisted by side nav bars and illustrative dashboards and tables as required is the best feature followed by ease of integration.

**What do you dislike about Dependency-Track?**

The main shortcoming is that there is no way to export the data off of this tool. We end up resorting to the crude methods of copy pasting the data in excel for collaborating with development teams.

**What problems is Dependency-Track solving and how is that benefiting you?**

Dependency Track is a Software composition Analysis tool where we can upload SBOM files to test for. 
It benefits in terms of maintaining clear versions for each SBOM uploaded and their respective results. Providing us list of all dependencies used alongwith a separate section for Vulnerable dependencies.
There is also a pictorial Dependency Graph tab one can make use of. 
Another feature to benefit from is the uniformly color coded scheme of all severities assiged to each vulnerability. The use of simple icons and color schemes is really handy.
However I do need to warn users of a intermittent issue of false positives and we might need to verify certain vulnerabilities instead of blindly trusting the tool.

  ### 2. Full focus on vulnerabilities

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Medical Devices | Enterprise (> 1000 emp.)

**Reviewed Date:** January 21, 2025

**What do you like best about Dependency-Track?**

API-first design
Assessment database as part of data structure and process

**What do you dislike about Dependency-Track?**

Project views are limited 
No built-in export

**What problems is Dependency-Track solving and how is that benefiting you?**

SCA and scan against NVD

  ### 3. Dependency track

**Rating:** 4.0/5.0 stars

**Reviewed by:** Suryansh G. | Principal Engineer, Cloud HSM, Mid-Market (51-1000 emp.)

**Reviewed Date:** June 23, 2022

**What do you like best about Dependency-Track?**

No restriction on the number of repositories one can scan.

**What do you dislike about Dependency-Track?**

Access to zero day vulnerabilities is not there and only works with an old DB leaving an attack surface open

**Recommendations to others considering Dependency-Track:**

Integrate it with your CI pipeline and see how amazingly it'll benefit your team to be more productive.

**What problems is Dependency-Track solving and how is that benefiting you?**

keeps track of software's used across versions covering licenses, vulnerabilities

  ### 4. Best open-source SCA tool in the market

**Rating:** 5.0/5.0 stars

**Reviewed by:** Vis C. | Software Security Technical Director, Enterprise (> 1000 emp.)

**Reviewed Date:** June 24, 2022

**What do you like best about Dependency-Track?**

Has multiple vulnerability sources (NVD, OSS Index, etc.) and thus higher positive percentage.

**What do you dislike about Dependency-Track?**

Slow in performance, especially the GUI operations

**What problems is Dependency-Track solving and how is that benefiting you?**

Software composition analysis on software. This essentially means identifying 3rd party libraries (SBOM) and reporting vulnerabilities on them.


## Dependency-Track Discussions
  - [What is Dependency-Track used for?](https://www.g2.com/discussions/what-is-dependency-track-used-for) - 1 comment

- [View Dependency-Track pricing details and edition comparison](https://www.g2.com/products/dependency-track/reviews?section=pricing&secure%5Bexpires_at%5D=2026-07-06+17%3A51%3A24+-0500&secure%5Bsession_id%5D=d2651092-7254-4ba3-9e01-72d0ef586ccc&secure%5Btoken%5D=f43c689fa8e2eda366546c034ef5833cdc9c6bbaa8cd6abd6d1461ee5406dceb&format=llm_user)

## Dependency-Track Features
**Functionality - Software Composition Analysis **
- Language Support
- Integration
- Transparency

**Effectiveness - Software Composition Analysis**
- Remediation Suggestions
- Continuous Monitoring
- Thorough Detection

## Top Dependency-Track Alternatives
  - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (881 reviews)
  - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,308 reviews)
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (817 reviews)

