# Xygeni Reviews
**Vendor:** Xygeni Security  
**Category:** [Software Supply Chain Security Solutions](https://www.g2.com/categories/software-supply-chain-security-tools)  
**Average Rating:** 4.6/5.0  
**Total Reviews:** 5
## About Xygeni
Secure your Software Development and Delivery! Xygeni Security specializes in Application Security Posture Management (ASPM), using deep contextual insights to effectively prioritize and manage security risks while minimizing noise and overwhelming alerts. Our innovative technologies automatically detect malicious code in real-time upon new and updated components publication, immediately notifying customers and quarantining affected components to prevent potential breaches. With extensive coverage spanning the entire Software Supply Chain—including Open Source components, CI/CD processes and infrastructure, Anomaly detection, Secret leakage, Infrastructure as Code (IaC), and Container security—Xygeni ensures robust protection for your software applications. Trust Xygeni to protect your operations and empower your team to build and deliver with integrity and security.



## Xygeni Pros & Cons
**What users like:**

- Users value the **comprehensive security features** of Xygeni, ensuring efficient development while protecting against vulnerabilities. (2 reviews)
- Users commend Xygeni for its **effective prioritization of security risks**, enabling focused attention on critical issues efficiently. (2 reviews)
- Users value Xygeni for its **effective risk management**, ensuring security without hindering the development process. (2 reviews)
- Users value the **robust security features** of Xygeni, safeguarding open-source dependencies while streamlining development. (2 reviews)
- Users value the **seamless CI/CD integration** of Xygeni, enhancing security without hindering development speed. (1 review)
- Compliance Management (1 review)
- Customization (1 review)
- Easy Integrations (1 review)
- Features (1 review)
- Insights (1 review)

**What users dislike:**

- Users face **difficult setup** challenges with Xygeni, requiring manual adjustments for certain edge cases during integration. (1 review)
- Users find the **learning curve for first-time users** challenging, despite the platform's intuitive design and helpful support. (1 review)

## Xygeni Reviews
### 1. Very good tool for DevSecOps approach

**Rating:** 4.5/5.0 stars

**Reviewed by:** Carlos A. | Cybersecurity Engineer, Mid-Market (51-1000 emp.)

**Reviewed Date:** March 20, 2025

**What do you like best about Xygeni?**

At Metricool, maintaining a secure and efficient software development process is critical, and Xygeni has been a fantastic addition to our security stack. One of the standout features is its seamless CI/CD integration, which allows us to identify and fix vulnerabilities early in the development pipeline without slowing down our releases.

We also appreciate the advanced policy enforcement mechanisms, which help us automate security compliance across our open-source dependencies. The ability to define custom security policies based on risk tolerance gives us fine-grained control over what enters our codebase.

Another major advantage is the detailed reporting and risk insights. The platform provides clear explanations of vulnerabilities and their potential impact, helping both developers and security teams prioritize fixes more effectively. Instead of just listing issues, Xygeni helps us understand the "why" and "how" behind security risks, which is invaluable for a fast-moving SaaS company like ours.

**What do you dislike about Xygeni?**

While Xygeni integrates well with most CI/CD pipelines, we did run into minor configuration challenges with certain edge cases, which required manual adjustments. Improved pre-configured templates for different CI/CD environments would make the process smoother.

**What problems is Xygeni solving and how is that benefiting you?**

Before adopting Xygeni, we struggled with visibility into the security posture of our software supply chain. Keeping track of vulnerabilities in dependencies was a time-consuming, manual process. Xygeni has completely automated this, allowing us to identify and mitigate risks in real-time.

By integrating security checks into our CI/CD pipelines, we’ve eliminated last-minute security surprises before deployment. The risk-based prioritization ensures we focus on the most critical threats first, making our security efforts more efficient.

Overall, Xygeni has significantly improved our ability to maintain a secure software development lifecycle without adding unnecessary complexity.

### 2. Advanced malware detection capabilities, especially for securing the software supply chain.

**Rating:** 4.5/5.0 stars

**Reviewed by:** Óscar G. | CISO, Small-Business (50 or fewer emp.)

**Reviewed Date:** February 25, 2025

**What do you like best about Xygeni?**

- Real-time malware detection: Xygeni’s early warning system has been a game-changer, identifying malicious open source components before they can be exploited.

- Policy-based security enforcement: Helps us automate security checks and prevent risky code from entering production.

- Contextual risk prioritization: Instead of flooding us with alerts, Xygeni prioritizes real threats, allowing our team to focus on the most critical security issues.

Overall, Xygeni has given us peace of mind by ensuring our open source dependencies are free from malware and security risks without slowing down development.
Highly recommended!

**What do you dislike about Xygeni?**

If I had to mention an area for improvement, it would be the learning curve for first-time users. While the platform is intuitive, some of the deeper security insights require a bit of familiarity with AppSec best practices. That said, their customer support and documentation have been great at guiding our team.

**What problems is Xygeni solving and how is that benefiting you?**

- Securing the software supply chain.
- Real-time threat intelligence to detect malicious dependencies.
- Integration with Azure DevOps pipelines.




## Xygeni Features
**Administration**
- Risk Scoring
- Secrets Management
- Security Auditing
- Configuration Management

**Performance**
- Issue Tracking
- Detection Rate
- False Positives
- Automated Scans

**Functionality - Software Composition Analysis**
- Language Support
- Integration
- Transparency

**Security**
- Tampering
- Malicious Code
- Verification
- Security Risks

**Risk management - Application Security Posture Management (ASPM)**
- Vulnerability Management
- Risk Assessment and Prioritization
- Compliance Management
- Policy Enforcement

**Functionality - Software Bill of Materials (SBOM)**
- Format Support
- Annotations
- Attestation

**Cloud Visibility**
- Data Discovery
- Cloud Registry
- Cloud Gap Analytics

**Monitoring**
- Continuous Image Assurance
- Behavior Monitoring
- Observability

**Network**
- Compliance Testing
- Perimeter Scanning
- Configuration Monitoring

**Effectiveness - Software Composition Analysis**
- Remediation Suggestions
- Continuous Monitoring
- Thorough Detection

**Tracking**
- Bill of Materials
- Audit Trails
- Monitoring

**Integration and efficiency - Application Security Posture Management (ASPM)**
- Integration with Development Tools
- Automation and Efficiency

**Management - Software Bill of Materials (SBOM)**
- Monitoring
- Dashboards
- User Provisioning

**Security**
- Data Security
- Data Loss Prevention
- Security Auditing

**Protection**
- Dynamic Image Scanning
- Runtime Protection
- Workload Protection
- Network Segmentation

**Application**
- Manual Application Testing
- Static Code Analysis
- Black Box Testing

**Reporting and Analytics - Application Security Posture Management (ASPM)**
- Trend Analysis
- Risk Scoring
- Customizable Dashboards

**Identity**
- SSO
- Governance
- User Analytics

**Agentic AI - Vulnerability Scanner**
- Autonomous Task Execution
- Proactive Assistance

**Agentic AI - Application Security Posture Management (ASPM)**
- Autonomous Task Execution
- Multi-step Planning

## Top Xygeni Alternatives
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (773 reviews)
  - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,276 reviews)
  - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (873 reviews)

