50 OX Security Reviews
OX delivers comprehensive security testing and assessment capabilities, addressing the key requirements of a security-mature organization. Its intuitive dashboard provides a centralized and unified approach to issue management, ensuring streamlined tracking and resolution. A versatile set of plugins enables seamless integration with various ticketing systems for issue management, as well as the import of findings from other security tools. Majority of these integrations are fairly simple to implement. A particularly valuable feature is its pipeline functionality, which allows the creation of customized workflows based on scan results, making prevention and notification processes highly adaptable. Additionally, OX is backed by a well-structured and responsive support team, ensuring continuous availability and prompt handling of all inquiries and feedback. Review collected by and hosted on G2.com.
Some features currently lack documentation, and certain security testing capabilities are not yet fully covered. Additionally, the integration of more external security testing tool plugins would enhance functionality. However, most of these improvements are already planned and included in the development roadmap. Review collected by and hosted on G2.com.
OX Security’s ASPM solution excels at delivering a comprehensive, end-to-end view of the security posture across the entire software development lifecycle. The platform’s intuitive interface makes it easy to pinpoint vulnerabilities early, prioritize critical issues, and streamline remediation processes. I particularly appreciate the seamless integrations with existing DevOps tools, ensuring that security insights flow naturally into development workflows without creating bottlenecks. The real-time visibility and actionable intelligence provided by OX Security foster a security-first mindset, boosting both the confidence of our development team and the overall resilience of our applications. Review collected by and hosted on G2.com.
While OX Security’s ASPM platform is robust and feature-rich, it can feel a bit overwhelming when first getting started. The wealth of options and detailed analytics might require a brief learning curve for newer team members. However, with a little time and the helpful documentation available, our team quickly adapted and now fully leverages all the platform’s powerful capabilities. Review collected by and hosted on G2.com.
1. The platform’s seamless integration into our existing tools enables quick adoption by the team.
2. Its capability to cover static code analysis and supply chain risks, ensuring comprehensive security coverage.
3. The intuitive interface makes navigating and extracting insights simple, especially for diverse teams.
4. Customizable Workflows: The ability to tailor some aspects of the scanning process helps us align with our internal security policies.
5. The ability to catch vulnerabilities during code commits is a game-changer, helping us address risks early in the development lifecycle.
6. Intuitive and Clean UI: The dashboard design is straightforward, making it easy to navigate between different modules and access actionable insights without overwhelming users.
7. Outstanding Customer Support: The customer success and support teams are responsive and proactive, ensuring smooth onboarding and timely assistance with configuration or technical issues. Review collected by and hosted on G2.com.
1. Coverage Gaps for Certain Languages: While the platform is strong overall, it lacks full support for C++ (currently, they are adding it gradually) and .NET, which could limit its usability in some environments.
2. SIEM Integration: The process for connecting OX Security to SIEM systems could be smoother, as not all SIEM platforms are listed in the connector options, requiring contacting support. Review collected by and hosted on G2.com.
I must admit it has a lot of functionalities that we barly scratched the surface of. But from the initial scans we were already blown away by the amount of detections it has made. Its advanced if you want, but also simple to use. Mind you, if something is missing, they will gladly add it to the scanning as well. We primarly are using it for Gitlab repo code security scanning, but you can use it in your CI/CD pipeline as well. What's great about OX is they will first let you do a POC, and then if you're happy you can continue using it. To integrate it, just point it to your GIT repository! Then if you wish, it can generate Jira tickets for you.
When you start using it they will provide you with onboarding sessions which is great, and after that you can have reocurring calls with them to resolve any issues you are having or talk about new features. Just a great experience from start to finish with OX. Review collected by and hosted on G2.com.
No downsides yet. We are enjoying the product. Review collected by and hosted on G2.com.
OX Security provides unparalleled security precision and support, outperforming competitors in every aspect. The technical support from OX Security is exceptional, offering quick responses and real assistance throughout every stage of integration and management. In addition, the comprehensive nature of the tool ensures robust protection with minimal setup, making it efficient and easy to implement. The deployment process is quick and intuitive, allowing for a seamless implementation of the full security suite in a production environment. Review collected by and hosted on G2.com.
Lack of full integration with GCP, but we’re set to gain access to the beta version, and they’re already working on it—amazing! Review collected by and hosted on G2.com.
Ox Security consolidates various tools into a single dashboard by integrating with multiple vendors, providing holistic visibility and seamless AI-powered integrations to aid in issue resolution.
Additionally, Ox Security offers an on-premises solution, which I find especially valuable since many organizations prefer not to upload their code to third-party platforms. With Ox Security's on-premises solution, code scanning occurs locally, ensuring that code remains secure within the organization’s own infrastructure. Review collected by and hosted on G2.com.
If Ox security, have their DataCentre in india that would be awsome for indian market. But still it can be manageble because they have few certifications to ensure audience on their data. And espically they are offering On prem solutins as well. Review collected by and hosted on G2.com.
OX Security has greatly improved our security posture with its seamless integrations, especially with GitLab, Jira, and Slack, which keep our team proactive and efficient. The platform’s combination of SAST, and open-source checks under one tool is a huge win for us, as it streamlines security processes and offers in-depth insights across our cloud and CI/CD environments. Review collected by and hosted on G2.com.
While the platform already covers a lot, there are a few features we’d love to see in future updates, like enhanced reporting options and more GCP integrations. These would make an already excellent tool even more robust, and I’m excited to see how OX Security evolves over time! Review collected by and hosted on G2.com.
We use Ox as our code security solution. The platform automatically scans our codebase and Pull Requests, and creates Jira tickets for security findings based on multiple criteria, routing them directly to the responsible teams. This automation has made Ox our single source of truth for code security, enabling our RnD, SecOps, and Product teams to effectively manage the security fix lifecycle Review collected by and hosted on G2.com.
Ox could be even more effective with the ability to rescan specific code after Jira issues are marked as resolved, and by adding an option to scan individual repositories or projects rather than requiring full codebase scans. Review collected by and hosted on G2.com.
Seamless and fast integration with your tools; a wide amount of features; user-friendly easy to use interface; great level of technical and non-technical support from the vendor. Review collected by and hosted on G2.com.
Few bugs over time and non-detailed/non-comprehensive documentation. Review collected by and hosted on G2.com.
Ox is a fantastic tool at the heart of our AppSec strategy. It’s easy to implement and provides an overwhelming volume of crucial, interrelated data that is vital to running a secure and effective SDLC.
The platform offers a wealth of features for use across your environment, gathering data from multiple stages of the SDLC and creating a top-down view to apply effective risk management strategies. Collected issues are contextually reassessed, and reprioritised severities help better organise and address findings efficiently.
We’ve integrated Ox scanning into our CI pipeline, enabling engineers to identify issues early in the development cycle—before code is merged—thanks to Ox’s pipeline rules. The variety of scans offered is impressive, accounting for numerous variables throughout the code journey.
Ox’s capabilities extend to our EKS clusters, validating image deployments and helping us better organize our registry. The data it provides on identified issues is invaluable for remediation planning, including the source of findings and associated code snippets. While the UI could be more intuitive and has a slight learning curve, it’s clear that all the necessary data is readily accessible within the platform. Administrators can also customise user views to hide irrelevant features, minimizing distractions for engineers.
The recent implementation of RBAC has further simplified our workflows, limiting users' visiblity scope and assigning the appropriate privileges. By dividing findings among the teams that own them and leveraging the application owner features, we can effectively delegate responsibilities and streamline remediation efforts.
Ox’s customer support has been excellent—attentive to our needs and super responsive to feedback. They convey professionalism and a genuine passion for their product and purpose, it shows.
Ox consistently delivers upgrades and new features, almost on a weekly basis. The new BOM capabilities, including Artifact BOM and Cloud BOM, provide unparalleled visibility into our cloud infrastructure and artifacts, helping us maintain control and avoid unvalidated components.
Overall, I highly recommend Ox Security. With their pace of innovation and commitment to excellence, I have no doubt they’ll be an industry leader in the coming years. Review collected by and hosted on G2.com.
It's worth mentioning that the Ox team are aware of these points and are currently working to have the features implemented to support them shortly.
Issue metrics - Whilst there's great clarity on the issues that are open, it is harder to track what's been closed and why.
Jira integration - This is being developed, but our experience has shown that there is room for optimisation here, the integration at this stage simply creates tickets, it does not have the ability to close or add updates to the tickets through the lifecycle of the vulnerability remediation.
RBAC - This has been implemented and is great, but still requires some work to be a little more dynamic Review collected by and hosted on G2.com.
