Xygeni Reviews & Product Details

Xygeni gives us full visibility across the software supply chain in a single platform, replacing what used to require multiple disconnected tools. The unified dashboard, alert deduplication, and smooth integration into our CI/CD workflows have made our security process far more efficient.

The AI-powered capabilities are also a major advantage; AI SAST provides much more accurate findings, and the auto-fix features help developers remediate issues quickly without slowing delivery. The platform is built for modern, AI-driven development environments. Review collected by and hosted on G2.com.

There isn’t much to dislike. More customization for dashboards and reports would be useful, and additional support for some niche DevOps tools would be nice to have. But these are minor compared to the overall value, especially given how strong the platform’s AI-driven detection and remediation already are. Review collected by and hosted on G2.com.

CI/CD Integration: Xygeni integrates smoothly into our CI/CD pipelines, allowing them to detect and fix vulnerabilities early in the development process without hindering their release pace.

Policy Enforcement: They value the automated security compliance across their open-source dependencies, especially the ability to define custom security policies based on their risk tolerance, giving them fine-grained control over their codebase.

Detailed Reporting and Risk Insights: Xygeni provides clear explanations of vulnerabilities and their potential impact. This helps both developers and security teams prioritize fixes effectively by understanding the "why" and "how" behind security risks, which is crucial for a fast-moving SaaS company. Review collected by and hosted on G2.com.

While Xygeni generally integrates well with most CI/CD pipelines, we've encountered minor configuration challenges with certain edge cases that necessitated manual adjustments.

We believe that more robust, pre-configured templates for diverse CI/CD environments would significantly streamline this process.

Furthermore, enhanced documentation—particularly for less common or complex security issues—would greatly benefit users in navigating these non-trivial scenarios. Review collected by and hosted on G2.com.

At Metricool, maintaining a secure and efficient software development process is critical, and Xygeni has been a fantastic addition to our security stack. One of the standout features is its seamless CI/CD integration, which allows us to identify and fix vulnerabilities early in the development pipeline without slowing down our releases.

We also appreciate the advanced policy enforcement mechanisms, which help us automate security compliance across our open-source dependencies. The ability to define custom security policies based on risk tolerance gives us fine-grained control over what enters our codebase.

Another major advantage is the detailed reporting and risk insights. The platform provides clear explanations of vulnerabilities and their potential impact, helping both developers and security teams prioritize fixes more effectively. Instead of just listing issues, Xygeni helps us understand the "why" and "how" behind security risks, which is invaluable for a fast-moving SaaS company like ours. Review collected by and hosted on G2.com.

While Xygeni integrates well with most CI/CD pipelines, we did run into minor configuration challenges with certain edge cases, which required manual adjustments. Improved pre-configured templates for different CI/CD environments would make the process smoother. Review collected by and hosted on G2.com.

- Real-time malware detection: Xygeni’s early warning system has been a game-changer, identifying malicious open source components before they can be exploited.

- Policy-based security enforcement: Help us automate security checks and prevent risky code from entering production.

- Contextual risk prioritization: Instead of flooding us with alerts, Xygeni prioritizes real threats, allowing our team to focus on the most critical security issues.

Overall, Xygeni has given us peace of mind by ensuring our open source dependencies are free from malware and security risks without slowing down development.

Highly recommended! Review collected by and hosted on G2.com.

If I had to mention an area for improvement, it would be the learning curve for first-time users. While the platform is intuitive, some of the deeper security insights require a bit of familiarity with AppSec best practices. That said, their customer support and documentation have been great at guiding our team. Review collected by and hosted on G2.com.

Its scanning capabilities (very robust), the fact that it prevents secrets from reaching the repository, and the direct feedback it provides to developers via Slack. Thanks to its Git Hook integration, we can proceed with immedate corrective actions (across the entire Software Supply Chain) Review collected by and hosted on G2.com.

The platform provides a lot of information as it recognizes and validates an extensive array of secret formats, whether they are passwords, API keys, tokens, or cryptographic keys. It would be nice if the platform was able to validate even a major number of secrets and to discern whether a password is valid or not. There are too many things to validate. Review collected by and hosted on G2.com.