--- title: MergeBase Reviews meta_title: 'MergeBase Reviews 2026: Details, Pricing, & Features | G2' meta_description: Filter 20 reviews by the users' company size, role or industry to find out how MergeBase works for a business like yours. aggregate_rating: rating_value: 4.5 review_count: 20 scale: '5' date_modified: '2026-05-05' parent_category: name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t" url: https://www.g2.com/categories/devsecops --- # MergeBase Reviews **Vendor:** MergeBase Software **Category:** [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis) **Average Rating:** 4.5/5.0 **Total Reviews:** 20 ## About MergeBase MergeBase is revolutionizing software supply chain protection with a full-featured, developer-oriented SCA solution that brings the lowest false positives in the industry and complete DevOps coverage from coding/building to deployment and run-time. MergeBase’s SCA tool analyzes the open-source/third-party libraries for vulnerabilities. Our mission is to protect the software supply chain. We provide a full-featured, developer-oriented solution that has the industry’s lowest false positive rates and complete coverage of the DevOps process. ## MergeBase Reviews ### 1. Revolutionizing Software Supply Chain Protection with MergeBase's SCA Platform **Rating:** 5.0/5.0 stars **Reviewed by:** Disha K. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 03, 2023 **What do you like best about MergeBase?** MergeBase provides a full-featured, developer-oriented solution that covers the entire DevOps process, from coding and building to deployment and run-time. MergeBase has a focus on low false positive rates, making it easier for security and development teams to triage and prioritise vulnerabilities. The platform provides real-time warnings about vulnerabilities in applications running in production, including from third-part components and software. **What do you dislike about MergeBase?** Implementing a comprehensive SCA solution like MergeBase may come with a high cost, particularly for large organisations with complex development environments. Integrating MergeBase into an existing development workflow may require significant time and effort ay require additional resources and expertise. **What problems is MergeBase solving and how is that benefiting you?** MergeBase is solving a number of problems related to the use of open-source and third-party components in software development. The increasing use of open-source and third-party components in software applications has created new security risks. MergeBase aims to improve the security and quality of software applications while also making the development process more efficient. ### 2. MergeBase Detector of risk and vulnerabilities **Rating:** 4.5/5.0 stars **Reviewed by:** Prashant S. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 15, 2023 **What do you like best about MergeBase?** There's no doubt that MergeBase is a fantastic software for measuring the risk and security of any code we are deploying, due to which saves a lot of time in coding and development. **What do you dislike about MergeBase?** Overall it is a good website, but its pricing model is high compared to its competitors for a small group of organisations. If they reduce their pricing, it will indeed become the best. **What problems is MergeBase solving and how is that benefiting you?** Really, MergeBase is fantastic if you use this, you don't have to worry about any kind of risk or vulnerability as it detects them for you and lets you know about them, and it's precise too. ### 3. MergeBase review. **Rating:** 5.0/5.0 stars **Reviewed by:** Wendy N. | Sales Manager, Hospitality, Enterprise (> 1000 emp.) **Reviewed Date:** April 18, 2023 **What do you like best about MergeBase?** It's an amazing and fantastic application for measuring security of any code we're deploying thus saving much time in coding and deployment. I like ease of usage and deployment. MergeBase has a very intuitive and user-friendly interface which makes it super easy to learn and understand. **What do you dislike about MergeBase?** Nothing negative to mention about MergeBase. It meets all our expectations. **What problems is MergeBase solving and how is that benefiting you?** MergeBase gives developer guidance about risk and compatibility. I like how it helps to measure the risk and take security measures when thinking about coding. ### 4. Extremely functional development tool **Rating:** 4.0/5.0 stars **Reviewed by:** Divit G. | Coordinator, Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** The best feature of MergeBase has to be it's ease of usage. Development for future becomes super easy purely because of the intuitiveness of the interface and the ease by which the tools can be used. **What do you dislike about MergeBase?** With respect to the features provided by MergeBase, the pricing tiers used seem a little overpriced to me. Although I can use the free trial initially, but still the annual cost seems a little too high for a small organisation. **What problems is MergeBase solving and how is that benefiting you?** The biggest problem that I have solved is given my developers confidence to execute codes and commands without worrying about the security aspect, which MergeBase seamlessly handles. ### 5. Excellent for reducing open-source risk **Rating:** 4.5/5.0 stars **Reviewed by:** Gabriela G. | Web Designer, Small-Business (50 or fewer emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** Every day, new vulnerabilities arise that risk the security of company information. To prevent corporate computers and data from being affected, it is advisable to detect them in time and solve possible incidents as quickly as possible with Mergebase. **What do you dislike about MergeBase?** Technical support is only by email; just one of the plans has dedicated support. The automated system should be included in all plans to increase team productivity. **What problems is MergeBase solving and how is that benefiting you?** Thanks to this product, I don't waste time on false positives. The analyzes are more precise than other products, which reduces the team's productivity and are more expensive. ### 6. MergeBase - Best softwarre to detect vulnerability and risk **Rating:** 5.0/5.0 stars **Reviewed by:** ankit r. | Sr. Design engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** November 22, 2022 **What do you like best about MergeBase?** MergeBase is one of kind software which is analyse vulnerability and licence risk duting coding, building, deployment and running of your application. It also give developer guidance about risk and compatibility. **What do you dislike about MergeBase?** I don think about dislike of this software but it is one of kind which guidance abiut risk and it triggers warning about vulnerability application running in production. So one of the best software **What problems is MergeBase solving and how is that benefiting you?** As we know it useful in guide developers about risk and popularity. Mergebase accelarate developers ability to code securily with developer frindly tools and control into our codebase. ### 7. MergeBase is a great tool! **Rating:** 4.0/5.0 stars **Reviewed by:** Vandana A. | Project Manager & Web Developer, Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** MergeBase is a very helpful tool. It helps to measure the risk and take security measures when you're thinking about coding, development, and deploying your code. This is something every company should have! **What do you dislike about MergeBase?** There is nothing in particular I would say that I dislike about the MeegeBase product. One thing is the price that users have to make in order to obtain this product, but it's well worth it. **What problems is MergeBase solving and how is that benefiting you?** MergeBase is helping me solve a lot of business problems. For example, when I'm into development or design and not necessarily thinking about security, this tool comes into play and I love this concept. ### 8. Review of Mergebase - Code green **Rating:** 5.0/5.0 stars **Reviewed by:** Laxman T. | Technology lead, Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** It is easy to Integrate with Bitbucket and github; It is developer friendly, it has robust control that prevent the vulnerabilities and alerts the developers in the early stages of developers which reduces the savings and development time **What do you dislike about MergeBase?** Pricing and it takes to adapt for new users. **What problems is MergeBase solving and how is that benefiting you?** Merge base identifies the highest number of vulnerabilities, Developer friendly, Integration with Software development lifecycle, remediation options ### 9. Used to analyse security vulnerabilities in an open source project **Rating:** 4.0/5.0 stars **Reviewed by:** Rob F. | Senior Unity Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 03, 2022 **What do you like best about MergeBase?** Has good integrations for devops and source code change analysis. Worked better for us than alternatives like Snyk. Used on a large open source project that was hard to keep track of without such a solution. **What do you dislike about MergeBase?** Although the platform has some good integrations, would like to see it more tightly integrated with systems like Git Labs and Bitbucket to make it easier to bring in halfway into production. **What problems is MergeBase solving and how is that benefiting you?** Checking for security vulnerabilities in code that is open source especially when we had pull requests from external developers, we had to check that the code was still secure during devops. ### 10. Managing Platform without any vulnerability provides developer guidance for better preparation **Rating:** 5.0/5.0 stars **Reviewed by:** Sasikumar S. | Project manager, Enterprise (> 1000 emp.) **Reviewed Date:** November 11, 2022 **What do you like best about MergeBase?** Provides better guidance while developing applications. Triggers warning about the application that has security warnings in the production, including third party applications **What do you dislike about MergeBase?** Pricing models seem to be a little high. Difficult for small case industries to integrate the solution. Needs a better model for small case industries so solutions can be combined. **What problems is MergeBase solving and how is that benefiting you?** The best part is we can integrate third party applications. It has the lowest false positive alerts. it has mechanism to show the false positive alerts as soon it has identified ### 11. Brings visibility into the potential risk within development cycles **Rating:** 4.5/5.0 stars **Reviewed by:** Lisa D. | Underwriting Assistant, Small-Business (50 or fewer emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** We used MergeBase to help identify the risk factors inherent in our back end development process when designing our user account applications. This helped us reduce compliance risks and streamline our development process. **What do you dislike about MergeBase?** It emphasized the ability to block attacks on more vulnerable production components but we often had to manually take action rather than receiving automated alerts. **What problems is MergeBase solving and how is that benefiting you?** MergeBase sped up our overall development time and enabled us to code more easily without having to spend more time analyzing our processes for potential vulnerabilities within the code. ### 12. provides good protection for software development lifecycle **Rating:** 4.5/5.0 stars **Reviewed by:** Imran khan P. | Senior software analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** this software helps our developers to achieve the various stages in software development cycle especially during build release **What do you dislike about MergeBase?** It has almost all the features like other software which help in SDLC methods, so this is good no cons **What problems is MergeBase solving and how is that benefiting you?** we are able to achieve the risk of removing any open source vulnerabilites found in our codes which are developed and find the mitigation plan well before the release process. It scans the repository throughout multiple stages to identify the risk before it moves to infrastructure ### 13. A good to go tool for risk minimisation in software dev **Rating:** 3.5/5.0 stars **Reviewed by:** Chandan M. | Product Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** It helps in reducing risk in whole product development by suggesting and removing vulnerabilities An all in one product+ consultation solution on risk management **What do you dislike about MergeBase?** No dislikes as such however looking for some recent system vulnerabilities with troubleshooting mechanisms. IIntegration of issue tracker such as gitlab, Github etc **What problems is MergeBase solving and how is that benefiting you?** Complete devops risk minimisation and security Filter on 3rd party tools top make sure of risk free usability It's a good to go tool if you want to make sure of healthy security audit of your app ### 14. A good method to upscale your work with technology **Rating:** 5.0/5.0 stars **Reviewed by:** Harshit P. | Business Development Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** November 02, 2022 **What do you like best about MergeBase?** It is simple in feature with excellent feature. The system of tagging is very user friendly and helps in productivity and smooth process of work **What do you dislike about MergeBase?** It is not easy to preview the entire response set before submitting.And also required alot of manual scrolling is required. And faced few technical glitches **What problems is MergeBase solving and how is that benefiting you?** Software extremely easy to work with company frequently upgrades technology. And able to handle multiple work at a same time ### 15. Good tool to know about vulnerabilities beforehand **Rating:** 5.0/5.0 stars **Reviewed by:** Atul C. | Technical Consulting Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** We get to know vulnerabilities and false positive threats before hand which makes our code secure. **What do you dislike about MergeBase?** I have nothing to dislike about apart from the fact that it is not widely used and skills are rare. **What problems is MergeBase solving and how is that benefiting you?** We used to spend a lot of time in addressing vulnerabilities after coding as VA scan is one of the last process but it is informing us beforehand and we can act immediately. ### 16. Best software to protect software supply chain **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Internet | Mid-Market (51-1000 emp.) **Reviewed Date:** January 11, 2023 **What do you like best about MergeBase?** The functionality of this software is way more convenient. It's easy to use and provides developer oriented solutions. One of the best in the industry. **What do you dislike about MergeBase?** Price is bit high as compared to the other softwares. Overall good for mid size companies. **What problems is MergeBase solving and how is that benefiting you?** It's helping with own solution which is reducing false positive rates. Providing the full coverage of the devOps process. ### 17. As a developer it is the most feasible and important tool for me **Rating:** 5.0/5.0 stars **Reviewed by:** Bhupesh K. | Software engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** November 01, 2022 **What do you like best about MergeBase?** The most helpful product of mergebase for developer for building and managing the applications **What do you dislike about MergeBase?** As of my initial use I didn't faced any issue regarding this product **What problems is MergeBase solving and how is that benefiting you?** Personally I am getting benefits of managing my application codes and all the basic problems of managment ### 18. Mergebase Review **Rating:** 4.0/5.0 stars **Reviewed by:** Diptanu S. | Sales & Marketing Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** October 31, 2022 **What do you like best about MergeBase?** The warning system when it recognises vulnerabilities in the system **What do you dislike about MergeBase?** Sometimes it issues too many warnings which are not potentially risky **What problems is MergeBase solving and how is that benefiting you?** it identifies the risks along with the ones associated with third party software and help navigate through it faster ### 19. Software composition analysis tool **Rating:** 3.0/5.0 stars **Reviewed by:** Arjun D. | Program Head, Small-Business (50 or fewer emp.) **Reviewed Date:** November 17, 2022 **What do you like best about MergeBase?** I like the wide variety of options that the tool provides **What do you dislike about MergeBase?** the website is not informative enough about all the services **What problems is MergeBase solving and how is that benefiting you?** It helps me with software security testing ### 20. Easy way to scan for vulnerabilities and triggers **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** November 04, 2022 **What do you like best about MergeBase?** I like how Mergebase helps us scan for any kind of vulnerabilities and attacks while the code is being written. This has helped us save time and has increased the efficiency of our team. **What do you dislike about MergeBase?** The pricing seems quite high especially for a small organization **What problems is MergeBase solving and how is that benefiting you?** Mergebase allows us to focus on building code and designing solutions without really stressing about the security aspect - [View MergeBase pricing details and edition comparison](https://www.g2.com/products/mergebase/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-25+01%3A06%3A56+-0500&secure%5Bsession_id%5D=2cb9c48b-8022-4dff-8ebf-d25eec64a467&secure%5Btoken%5D=137405a191723ffb81710e9a60bc143915e620ea086a3f9e24e10594093d447b&format=llm_user) ## MergeBase Features **Functionality - Software Composition Analysis ** - Language Support - Integration - Transparency **Functionality - Software Bill of Materials (SBOM)** - Format Support - Annotations - Attestation **Effectiveness - Software Composition Analysis** - Remediation Suggestions - Continuous Monitoring - Thorough Detection **Management - Software Bill of Materials (SBOM)** - Monitoring - Dashboards - User Provisioning ## Top MergeBase Alternatives - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,301 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (880 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (808 reviews)