--- title: Xygeni Reviews meta_title: 'Xygeni Reviews 2026: Details, Pricing, & Features | G2' meta_description: Filter reviews by the users' company size, role or industry to find out how Xygeni works for a business like yours. aggregate_rating: rating_value: 4.6 review_count: 5 scale: '5' date_modified: '2026-06-24' parent_category: name: Development url: https://www.g2.com/categories/development --- # Xygeni Reviews **Vendor:** Xygeni Security **Category:** [Software Supply Chain Security Solutions](https://www.g2.com/categories/software-supply-chain-security-tools) **Average Rating:** 4.6/5.0 **Total Reviews:** 5 ## About Xygeni Secure your Software Development and Delivery! Xygeni Security specializes in Application Security Posture Management (ASPM), using deep contextual insights to effectively prioritize and manage security risks while minimizing noise and overwhelming alerts. Our innovative technologies automatically detect malicious code in real-time upon new and updated components publication, immediately notifying customers and quarantining affected components to prevent potential breaches. With extensive coverage spanning the entire Software Supply Chain—including Open Source components, CI/CD processes and infrastructure, Anomaly detection, Secret leakage, Infrastructure as Code (IaC), and Container security—Xygeni ensures robust protection for your software applications. Trust Xygeni to protect your operations and empower your team to build and deliver with integrity and security. ## Xygeni Pros & Cons **What users like:** - Users value the **comprehensive security** of Xygeni, ensuring open-source dependencies are safe without hindering development pace. (2 reviews) - Users value Xygeni's **effective prioritization of security threats** , allowing focus on critical issues without development delays. (2 reviews) - Users value the **robust risk management capabilities** of Xygeni, enhancing security without hindering development speed. (2 reviews) - Users value the **robust security features** of Xygeni, providing peace of mind and maintaining a fast development pace. (2 reviews) - Users value the **seamless CI/CD integration** of Xygeni, enabling early vulnerability detection without hindering development speed. (1 reviews) - Compliance Management (1 reviews) - Customization (1 reviews) - Easy Integrations (1 reviews) - Features (1 reviews) - Insights (1 reviews) **What users dislike:** - Users face **difficult setup** challenges with Xygeni, requiring manual adjustments to integrate with certain CI/CD environments. (1 reviews) - Users find the **learning curve** challenging for first-time use, needing deeper AppSec knowledge to fully utilize the platform. (1 reviews) ## Xygeni Reviews ### 1. Revolutionized Our Security Workflow with Unified, AI-Driven Efficiency **Rating:** 5.0/5.0 stars **Reviewed by:** Yerassyl K. | Administrator, Small-Business (50 or fewer emp.) **Reviewed Date:** November 24, 2025 **What do you like best about Xygeni?** Xygeni gives us full visibility across the software supply chain in a single platform, replacing what used to require multiple disconnected tools. The unified dashboard, alert deduplication, and smooth integration into our CI/CD workflows have made our security process far more efficient. The AI-powered capabilities are also a major advantage; AI SAST provides much more accurate findings, and the auto-fix features help developers remediate issues quickly without slowing delivery. The platform is built for modern, AI-driven development environments. **What do you dislike about Xygeni?** There isn’t much to dislike. More customization for dashboards and reports would be useful, and additional support for some niche DevOps tools would be nice to have. But these are minor compared to the overall value, especially given how strong the platform’s AI-driven detection and remediation already are. **What problems is Xygeni solving and how is that benefiting you?** Xygeni helps us address key challenges in application security by identifying vulnerable or malicious open-source dependencies, detecting CI/CD misconfigurations, and preventing hard-coded secret exposure. The platform significantly reduces noise through accurate risk prioritization and provides full visibility across our software supply chain. With Xygeni, we respond to threats faster, reduce manual workload for developers, and strengthen the overall security of our products. It has noticeably improved our DevSecOps processes and increased confidence in our final builds. ### 2. The essential tool for proactive security and confident development **Rating:** 4.5/5.0 stars **Reviewed by:** Marcos C. | CTO, Mid-Market (51-1000 emp.) **Reviewed Date:** July 14, 2025 **What do you like best about Xygeni?** CI/CD Integration: Xygeni integrates smoothly into our CI/CD pipelines, allowing them to detect and fix vulnerabilities early in the development process without hindering their release pace. Policy Enforcement: They value the automated security compliance across their open-source dependencies, especially the ability to define custom security policies based on their risk tolerance, giving them fine-grained control over their codebase. Detailed Reporting and Risk Insights: Xygeni provides clear explanations of vulnerabilities and their potential impact. This helps both developers and security teams prioritize fixes effectively by understanding the "why" and "how" behind security risks, which is crucial for a fast-moving SaaS company. **What do you dislike about Xygeni?** While Xygeni generally integrates well with most CI/CD pipelines, we've encountered minor configuration challenges with certain edge cases that necessitated manual adjustments. We believe that more robust, pre-configured templates for diverse CI/CD environments would significantly streamline this process. Furthermore, enhanced documentation—particularly for less common or complex security issues—would greatly benefit users in navigating these non-trivial scenarios. **What problems is Xygeni solving and how is that benefiting you?** Xygeni has addressed the lack of visibility in the software supply chain, allowing us to identify and mitigate risks in real time. Xygeni has eliminated unexpected security issues just prior to launch. ### 3. Very good tool for DevSecOps approach **Rating:** 4.5/5.0 stars **Reviewed by:** Carlos A. | Cybersecurity Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** March 20, 2025 **What do you like best about Xygeni?** At Metricool, maintaining a secure and efficient software development process is critical, and Xygeni has been a fantastic addition to our security stack. One of the standout features is its seamless CI/CD integration, which allows us to identify and fix vulnerabilities early in the development pipeline without slowing down our releases. We also appreciate the advanced policy enforcement mechanisms, which help us automate security compliance across our open-source dependencies. The ability to define custom security policies based on risk tolerance gives us fine-grained control over what enters our codebase. Another major advantage is the detailed reporting and risk insights. The platform provides clear explanations of vulnerabilities and their potential impact, helping both developers and security teams prioritize fixes more effectively. Instead of just listing issues, Xygeni helps us understand the "why" and "how" behind security risks, which is invaluable for a fast-moving SaaS company like ours. **What do you dislike about Xygeni?** While Xygeni integrates well with most CI/CD pipelines, we did run into minor configuration challenges with certain edge cases, which required manual adjustments. Improved pre-configured templates for different CI/CD environments would make the process smoother. **What problems is Xygeni solving and how is that benefiting you?** Before adopting Xygeni, we struggled with visibility into the security posture of our software supply chain. Keeping track of vulnerabilities in dependencies was a time-consuming, manual process. Xygeni has completely automated this, allowing us to identify and mitigate risks in real-time. By integrating security checks into our CI/CD pipelines, we’ve eliminated last-minute security surprises before deployment. The risk-based prioritization ensures we focus on the most critical threats first, making our security efforts more efficient. Overall, Xygeni has significantly improved our ability to maintain a secure software development lifecycle without adding unnecessary complexity. ### 4. Advanced malware detection capabilities, especially for securing the software supply chain. **Rating:** 4.5/5.0 stars **Reviewed by:** Óscar G. | CISO, Small-Business (50 or fewer emp.) **Reviewed Date:** February 25, 2025 **What do you like best about Xygeni?** - Real-time malware detection: Xygeni’s early warning system has been a game-changer, identifying malicious open source components before they can be exploited. - Policy-based security enforcement: Help us automate security checks and prevent risky code from entering production. - Contextual risk prioritization: Instead of flooding us with alerts, Xygeni prioritizes real threats, allowing our team to focus on the most critical security issues. Overall, Xygeni has given us peace of mind by ensuring our open source dependencies are free from malware and security risks without slowing down development. Highly recommended! **What do you dislike about Xygeni?** If I had to mention an area for improvement, it would be the learning curve for first-time users. While the platform is intuitive, some of the deeper security insights require a bit of familiarity with AppSec best practices. That said, their customer support and documentation have been great at guiding our team. **What problems is Xygeni solving and how is that benefiting you?** - Securing the software supply chain. - Real time threat intelligence to detect malicious dependencies. - Integration with Azure Devops pipelines. ### 5. Xygeni has revolutionized how we manage and secure our digital assets. **Rating:** 5.0/5.0 stars **Reviewed by:** Alvaro A. | Small-Business (50 or fewer emp.) **Reviewed Date:** January 22, 2024 **What do you like best about Xygeni?** Its scanning capabilities (very robust), the fact that it prevents secrets from reaching the repository, and the direct feedback it provides to developers via Slack. Thanks to its Git Hook integration, we can proceed with immedate corrective actions (across the entire Software Supply Chain) **What do you dislike about Xygeni?** The platform provides a lot of information as it recognizes and validates an extensive array of secret formats, whether they are passwords, API keys, tokens, or cryptographic keys. It would be nice if the platform was able to validate even a major number of secrets and to discern whether a password is valid or not. There are too many things to validate. **What problems is Xygeni solving and how is that benefiting you?** Xygeni has revolutionized how we manage and secure our digital assets. Instead of using several tools, its unified platform provides comprehensive control over our secrets, not just within our source code but across our entire software landscape, including pipelines and IaC files. The seamless integration of these diverse elements into a single platform has streamlined our security processes, enhancing our overall digital resilience. Xygeni has opened our eyes to a new standard of security, safeguarding every facet of our software infrastructure with unmatched efficiency. - [View Xygeni pricing details and edition comparison](https://www.g2.com/products/xygeni/reviews?section=pricing&secure%5Bexpires_at%5D=2026-06-27+09%3A15%3A37+-0500&secure%5Bsession_id%5D=529ec9c1-1802-48e0-9782-be96c005c41b&secure%5Btoken%5D=6e624093ff41070cf267741d952d4026a6ea5c2c05df517f5e8dd51638d9a1bb&format=llm_user) ## Xygeni Features **Administration** - Risk Scoring - Secrets Management - Security Auditing - Configuration Management **Performance** - Issue Tracking - Detection Rate - False Positives - Automated Scans **Functionality - Software Composition Analysis ** - Language Support - Integration - Transparency **Security** - Tampering - Malicious Code - Verification - Security Risks **Risk management - Application Security Posture Management (ASPM)** - Vulnerability Management - Risk Assessment and Prioritization - Compliance Management - Policy Enforcement **Functionality - Software Bill of Materials (SBOM)** - Format Support - Annotations - Attestation **Cloud Visibility** - Data Discovery - Cloud Registry - Cloud Gap Analytics **Monitoring** - Continuous Image Assurance - Behavior Monitoring - Observability **Network** - Compliance Testing - Perimeter Scanning - Configuration Monitoring **Effectiveness - Software Composition Analysis** - Remediation Suggestions - Continuous Monitoring - Thorough Detection **Tracking** - Bill of Materials - Audit Trails - Monitoring **Integration and efficiency - Application Security Posture Management (ASPM)** - Integration with Development Tools - Automation and Efficiency **Management - Software Bill of Materials (SBOM)** - Monitoring - Dashboards - User Provisioning **Security** - Data Security - Data loss Prevention - Security Auditing **Protection** - Dynamic Image Scanning - Runtime Protection - Workload Protection - Network Segmentation **Application** - Manual Application Testing - Static Code Analysis - Black Box Testing **Reporting and Analytics - Application Security Posture Management (ASPM)** - Trend Analysis - Risk Scoring - Customizable Dashboards **Identity** - SSO - Governance - User Analytics **Agentic AI - Vulnerability Scanner** - Autonomous Task Execution - Proactive Assistance **Agentic AI - Application Security Posture Management (ASPM)** - Autonomous Task Execution - Multi-step Planning ## Top Xygeni Alternatives - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (809 reviews) - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,301 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (880 reviews)