# SOOS Reviews **Vendor:** SOOS **Category:** [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom) **Average Rating:** 4.6/5.0 **Total Reviews:** 42 ## About SOOS SOOS is the complete application security posture management platform. Scan your software for vulnerabilities, control the introduction of new dependencies, exclude unwanted license types, generate and manage Software Bill of Materials (SBOM), and fill out your compliance worksheets across all your teams. SOOS’s ASPM is a dynamic, comprehensive approach to safeguarding your application infrastructure from vulnerabilities across the Software Development Life Cycle (SDLC) and live deployments. Easy to integrate, all in one dashboard. SCA - Deep tree vulnerability scanning, license compliance, governance DAST - Automated Web & API vulnerability scanning Containers - Scan contents for vulnerabilities SAST - Analyze code for security vulnerabilities IaC - Cloud security coverage SBOMs - Create – monitor – manage ## SOOS Pros & Cons **What users like:** - Users find SOOS to be **extremely easy to use** , enabling quick implementation and trust in its reliability. (8 reviews) - Users benefit from **easy integrations** with SOOS, enabling seamless workflows and proactive vulnerability management in development. (6 reviews) - Users value the **seamless integrations** of SOOS, enabling continuous monitoring for security and compliance as applications evolve. (6 reviews) - Users value the **efficient customer support** of SOOS, which enhances overall user experience and implementation. (5 reviews) - Users value the **easy integration and continuous monitoring** of SOOS, enhancing security and compliance seamlessly. (5 reviews) - Users love the **easy setup** of SOOS, appreciating its intuitive design and seamless integration capabilities. (4 reviews) - Users value the **continuous security monitoring** of SOOS, enhancing compliance and proactively addressing vulnerabilities. (4 reviews) - Setup Ease (4 reviews) - Users appreciate the **seamless cloud integration** of SOOS, enabling smooth workflows and continuous monitoring of vulnerabilities. (3 reviews) - Detection (3 reviews) **What users dislike:** - Users often face **inadequate reporting** in SOOS, hindering effective communication and management of vulnerabilities across projects. (4 reviews) - Users express concerns over **poor reporting** in SOOS, emphasizing the need for better filtering and grouping options. (4 reviews) - Users feel SOOS is **lacking in advanced reporting features** , making it difficult to manage and prioritize vulnerabilities effectively. (3 reviews) - Users find a significant **lack of guidance** in SOOS, affecting onboarding and remediation processes during use. (3 reviews) - Users face **dashboard issues** with display limitations and uncomfortable sign-in, affecting their overall experience with SOOS. (2 reviews) - UX Improvement (2 reviews) - Authentication Issues (1 reviews) - Users find the **getting started process complicated** , which affects their initial experience with SOOS. (1 reviews) - Users find the **complex navigation** of SOOS confusing, particularly with unrecognized package scans. (1 reviews) - Complex Setup (1 reviews) ## SOOS Reviews ### 1. Awesome tool for detecting vulnerabilities within project dependecies **Rating:** 4.5/5.0 stars **Reviewed by:** Nayan C. | DevOps Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 23, 2023 **What do you like best about SOOS?** Easy UI to manage the projects to detect the vulnerabilities in dependencies. Easy project on-boarding process and good integration with DevOps tool chain like Azure DevOps. **What do you dislike about SOOS?** The major downside we've seen till now is how to display the vulnerabilities along with the recommendations to resolve them. Apart from it the sign-in process is not comfortable. 1 more point which just recently added is the ability of scanning in async manner (which was good old process). All the current scans gets complete in sync manner which results into increasing the build time of the code. **What problems is SOOS solving and how is that benefiting you?** Majorly Soos is helping us in detecting the vulnerabilities within our project's dependencies right away from the DevOps toolchain during the compilation phase. Apart from it the recommendations are also very useful. **Official Response from Becca Newton:** > Hi Nayan - we really appreciate you taking the time to provide feedback on your experience with SOOS. We hear you on the sign-in process, and are working to make that more seamless. Please don't hesitate to reach out with any additional comments. Feedback from our users is what continues to drive the product forward! ### 2. Reliable Tool That’s Grown Into Enterprise Use **Rating:** 5.0/5.0 stars **Reviewed by:** Yulian R. | SysAdmin - Compliance, Small-Business (50 or fewer emp.) **Reviewed Date:** November 07, 2023 **What do you like best about SOOS?** One thing we’ve continued to like about SOOS is how easy it is to keep running without constant attention. The GitHub integration works smoothly, weekly scans run reliably, and developers get clear visibility into vulnerabilities and license issues as they come up. Setup stayed simple, the Vanta integration remains low-effort, and support was helpful when we needed guidance on plans and rollout. Overall, it’s been easy to maintain as part of our normal development workflow without slowing teams down. **What do you dislike about SOOS?** While the platform has worked well overall, there are a few areas where SOOS could improve: 1. Documentation and best-practice guidance — some advanced use cases and tuning options could be explained more clearly to help teams onboard faster without trial and error. 2. Developer-facing remediation context — adding more actionable guidance or examples directly in findings would further speed up fixes. 3. Reporting flexibility — more customization options for exports and summaries would be useful for sharing status with different stakeholders. **What problems is SOOS solving and how is that benefiting you?** Staying up to date with Soos alerts has made our development team be aware and more attentive to vulnerabilities and licensing. **Official Response from Kaitlyn Booth:** > Hi Yulian! Thank you so much for taking your time to leave us a review and share your impressions of our SCA and DAST offerings! I am very happy to hear that you found the set up process for SOOS to be hassle free and your team is now easily monitoring and fixing vulnerabilities and license issues and it is great to hear you are leveraging our Vanta integration! I’m also thrilled to hear our Customer Support played such a crucial role in your decision to add SOOS to your cybersecurity toolkit. We strive to provide Customer Support that is the best in the business and we're always happy to hear any feedback, ideas, or feature requests you may have. All the best, Kaitlyn ### 3. SOOS SCA **Rating:** 2.0/5.0 stars **Reviewed by:** Pavan P. | DevOps Admin, Health, Wellness and Fitness, Mid-Market (51-1000 emp.) **Reviewed Date:** November 22, 2022 **What do you like best about SOOS?** Dash Board Scan Reports User-friendly Configurations **What do you dislike about SOOS?** This SOOS billing has frequent changes; these types of changes will lose customers. **What problems is SOOS solving and how is that benefiting you?** Scanning Source Code Vulnerabilities and keeping our Application and Source Code Secure. **Official Response from Becca Newton:** > Pavan - Thank you for your review of SOOS! We appreciate the support and feedback. ### 4. SooS offers everything that my teams need in a great easy-to-use package. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software **Reviewed Date:** December 10, 2025 **What do you like best about SOOS?** The product is easy to use, with no-surprises pricing and the support is awesome! **What do you dislike about SOOS?** Nothing that I can think of. They've been a great partner! **What problems is SOOS solving and how is that benefiting you?** SaaS is fully integrated with our CI/CD pipeline and provides us with full-cycle security analysis of our codebase in real time. ### 5. Effective License and Vulnerability Management **Rating:** 4.5/5.0 stars **Reviewed by:** Brallan G. | Site Reliability Engineer (SRE), Computer Software, Small-Business (50 or fewer emp.) **Reviewed Date:** November 14, 2024 **What do you like best about SOOS?** What I like most is that the integration of our pipelines with SOOS has been a great help in maintaining constant analysis, especially as our application evolves and new dependencies are added. Continuous monitoring has streamlined our efforts to proactively fix vulnerabilities and licensing issues that arise on a day-to-day basis. Additionally, SOOS has been instrumental in meeting the rigorous standards required for some certifications, improving both our compliance and security practices. **What do you dislike about SOOS?** I think SOOS should put more effort into advanced reporting options. It would be incredibly useful to have reports with customizable filters and detailed grouping options, such as listing projects that share a specific vulnerability or organizing projects by team. These features would greatly improve visibility and make it easier to prioritize and manage vulnerabilities across different projects. **What problems is SOOS solving and how is that benefiting you?** SOOS has played a key role in our certification processes, by providing essential testing tools that streamline compliance requirements. The integration with Vanta has further simplified our workflow by centralizing platform information, making it much easier to monitor, track, and maintain compliance across our systems. **Official Response from Emily Peden:** > We're glad to hear that SOOS has been helpful in maintaining constant analysis and streamlining your efforts to proactively fix vulnerabilities and licensing issues. We appreciate your feedback on advanced reporting options and are actively working on new and improved dashboards and additional reports. Please reach out to support@soos.io if you have additional requirements that we can consider for our roadmap and continued improvements. ### 6. Fantastic Application **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** July 31, 2025 **What do you like best about SOOS?** Pretty much everything. No complaints on anything. **What do you dislike about SOOS?** Nothing as such. Liked everything about it **What problems is SOOS solving and how is that benefiting you?** API security **Official Response from Emily Peden:** > We're thrilled to hear that you're enjoying SOOS and that it's meeting your needs for API security. Thank you for your positive feedback! ### 7. Soos is a Fantastic Overall Security Platform **Rating:** 5.0/5.0 stars **Reviewed by:** Brad W. | Small-Business (50 or fewer emp.) **Reviewed Date:** May 10, 2024 **What do you like best about SOOS?** Out of all of the security tools we have tried, Soos is by far the best platform for we have used for many reasons. The UI is thoughtfully constructed, making it simple to understand our vulnerabilities and create tickets to address them. Their integration with Github Actions is well executed, which makes it insanely easy to integrate with our CI and have tests written up exactly how we want them ans have them running within minutes. Another thing that has been great about Soos is their support and their team. They respond quickly to help with any issues, and always have thoughtful and useful replies. Soos's team also listens to this feedback to continuously add new features and make the experience better. **What do you dislike about SOOS?** I can't think of many downsides. Any problem we have had in the past has been addressed quickly by their Support and Engineering Team. I have never had that kind of experience with Security companies in the past, but the Soos team seems to really enjoy meeting/working with the people that use their platform. **What problems is SOOS solving and how is that benefiting you?** We were looking for a tool that could combine our DAST and SCA testing into one tool, that could easily integrate into the other tools we used. Soos did this perfectly while at its foundation also being a really great security tool itself that is easy for both setting up the tests and getting started, and for engineers to use to be alerted to vulnerabilties and quickly fix them. **Official Response from Kaitlyn Booth:** > Hi Brad, We're so glad you appreciate the T.L.C form our support and dev teams! You definitely hit the nail on the head, we truly love meeting our customers and working together to improve our platform. Best, Kaitlyn ### 8. I like the dashboard **Rating:** 5.0/5.0 stars **Reviewed by:** Camilo M. | Sysadmin, Information Technology and Services, Mid-Market (51-1000 emp.) **Reviewed Date:** February 12, 2024 **What do you like best about SOOS?** Integration with Jira I like, the vulnerabilites are easy to solve **What do you dislike about SOOS?** Nothing at the moment, everything is fine, but the support might be better **What problems is SOOS solving and how is that benefiting you?** I don't have any issues at the moment, and it helps us a lot in resolving vulnerabilities **Official Response from Kaitlyn Booth:** > Hi Camilo, We are greatly appreciative of you taking the time to leave us a review! It is great to hear you are getting so much value out of our Jira integration for streamlining the vulnerability resolution process. We put lots of effort into ensuring all of our customers feel fully supported so I am very sorry to hear that you feel the support offerings could be better. Please reach out to me at support@soos.io to let me know how we can improve your experience with SOOS support. Best, Kaitlyn ### 9. Exellent Software with a lot of usability **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Hospital & Health Care | Mid-Market (51-1000 emp.) **Reviewed Date:** May 30, 2024 **What do you like best about SOOS?** Ese of use and is very reliabl, and you can trust your scurity for you and your clients **What do you dislike about SOOS?** So far it is a software with a lot of facilities and I have not found anything I dislike about it. **What problems is SOOS solving and how is that benefiting you?** To find and solve vulnerabilities in an easier way. **Official Response from Emily Peden:** > Thank you so much for your review! We are thrilled to hear our tool has been easy to use and reliable. We love hearing from our customers so if you ever have a suggestion or a question about any of our features, please do not hesitate to reach out to support@soos.io. Thanks! -Emily ### 10. Centralized place to track and maintain the security Vulnerabilities and Project dependencies **Rating:** 4.5/5.0 stars **Reviewed by:** Velu S. | Head of Product, Mid-Market (51-1000 emp.) **Reviewed Date:** February 12, 2024 **What do you like best about SOOS?** Easy to set up and integrate with Azure DevOps tool to maintain and track the project dependencies and security vulnerabilities. **What do you dislike about SOOS?** Custom reports with more detailed dashboards can be improved. Lot of documentation has to be used to understand the product. Can add the short videos as link to each module could more easy for the users to onboard quickly **What problems is SOOS solving and how is that benefiting you?** This tool will help us to stay active with current vulnerabilities and license compliance violations in the product. We can able to deploy the product in more confident that previously. **Official Response from Kaitlyn Booth:** > Hi Velusamy, Thank you for taking the time to provide us with your feedback! We're please to hear that you find SOOS easy to set up and integrate with Azure DevOps and that we are helping you stay on top of your current (and future) vulnerabilities. We will take into consideration your suggestion to add short videos to enhance the onboarding process, we appreciate that input. We have work scheduled on our roadmap for later this year to provide more options for customized reports, keep a look out for future reporting announcements! If you have specific requests for the types of reports you would find most useful, we welcome you to send them to us at support@soos.io. Best, Kaitlyn ### 11. An exceptional experience. **Rating:** 5.0/5.0 stars **Reviewed by:** Rajat S. | Mid-Market (51-1000 emp.) **Reviewed Date:** November 08, 2023 **What do you like best about SOOS?** SOOS provides insights about new vulnerabilities and a mitigation tip as well which helps businesses to remediate the vulnerabilities and make them as best practices to prevent recurrence of those same vulnerabilities. **What do you dislike about SOOS?** I would like SOOS to introduce features for extracting reports in Excel like the number of projects onboard, number of vulnerabilities, etc. **What problems is SOOS solving and how is that benefiting you?** It provides the vulnerabilities while doing the code review. And ease of integration with products like JIRA and ease of creating automatic tickets after integration. Thereby benefiting the projects for a streamlined order to maintain the remediation work. **Official Response from Kaitlyn Booth:** > Hi Rajat! Thank you so much for taking your time to leave us a review and share your impressions of our SCA and DAST offerings! Your interest in a feature to allow for exporting of dashboard metrics is definitely a valuable one; this request has been added to our 2024 roadmap. Currently all SOOS accounts have access to export CSV files for individual scans displaying information about Vulnerabilities, Packages, Licenses, and DAST issues - read more here: https://kb.soos.io/help/soos-reports-for-export Feedback like yours is what helps us continue to make our tools meet the needs of our customers. We're always happy to hear any feedback, ideas, or feature requests you may have. All the best, Kaitlyn ### 12. SooS Review **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Pharmaceuticals | Mid-Market (51-1000 emp.) **Reviewed Date:** May 30, 2024 **What do you like best about SOOS?** Easy to setup and to use. Realiable results **What do you dislike about SOOS?** too restricted configuration, nbot flexible enough **What problems is SOOS solving and how is that benefiting you?** Analysis for security issue on multiple branch, which is crital in medical software development **Official Response from Emily Peden:** > Thank you so much for your review! We are happy to hear it was easy to set up and get scanning. We would also love to hear more about how we could help to make the configurations work better for you. Please reach out to support@soos.io and we would be happy to work through your suggestions to see if we might have a solution for you. Best, -Emily ### 13. Great onboarding experience **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Financial Services | Small-Business (50 or fewer emp.) **Reviewed Date:** October 24, 2023 **What do you like best about SOOS?** It was painless getting the DAST engine scanning our APIs, which really sets SooS apart from their competition. Having SCA in the same platform is really helpful as well in terms of creating a single pane of glass for AppSec. The SooS team was also very engaged during onboarding and made sure we chose the configuration and options that best suited our needs. **What do you dislike about SOOS?** Nothing negative to say about our experience at this point. **What problems is SOOS solving and how is that benefiting you?** SooS was a great fit for testing our API-first b2b platform. It has great support for the OWASP API Top 10, and integrates cleanly with the rest of our development toolchain. **Official Response from Kaitlyn Booth:** > Hi there! Thank you so much for taking your time to leave us a review and share your impressions of our SCA and DAST offerings! I’m thrilled to hear that you had such a good experience with our onboarding support and even more happy to hear that the ease of use for our DAST tool helps SOOS stand out from the crowd. Feedback like yours is what helps us continue to make our tools meet the needs of our customers. We're always happy to hear any feedback, ideas, or feature requests you may have. All the best, Kaitlyn ### 14. Great tool to keep compliance **Rating:** 4.5/5.0 stars **Reviewed by:** Carlos M. | S, Mid-Market (51-1000 emp.) **Reviewed Date:** February 16, 2024 **What do you like best about SOOS?** They are constantly adding options for integrations. the customer support is really efficient **What do you dislike about SOOS?** the getting started process is a little bit complicated **What problems is SOOS solving and how is that benefiting you?** SOOS provided us a very comprehensive tool to keep our controls with compliance. We achieved the SOC2 and Hitrust certification and helped with SOOS. **Official Response from Kaitlyn Booth:** > Hi Carlos, Thank you for taking some time to share your impressions of SOOS! We are pleased that you are getting such value using our tools, congrats on the SOC2 and Hitrust certifications! We take pride in our customer support and our continuing efforts to add new options for integrations and other add-on services for our customers. If you want to share your experiences with the complications you ran into while getting started we'd love to hear them so we can strive to make it better for future users. Send us a message at support@soos.io with any additional thoughts you have. Best, Kaitlyn ### 15. Intern's journey in using soos **Rating:** 4.5/5.0 stars **Reviewed by:** NAVEEN KUMAR P. | React Native Developer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 24, 2024 **What do you like best about SOOS?** Soos dependency scanning helped in our project to find potential open source license issues. As an intern, it helped thing I didn’t know. **What do you dislike about SOOS?** Not anything particular. As intern its easy to use **What problems is SOOS solving and how is that benefiting you?** It helps to find the open source usage in project **Official Response from Kaitlyn Booth:** > Thank you for sharing your positive experience with SOOS! We're thrilled to hear that our dependency scanning feature has been helpful in identifying potential open source license issues in your project. We're glad to hear that it has been easy for you to use as an intern. If you have any further feedback or encounter any issues in the future, please don't hesitate to reach out to us. We're here to support you every step of the way. Thank you for choosing SOOS to help with your open source usage in the project. ### 16. I have been working as a software developer **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** February 12, 2024 **What do you like best about SOOS?** I cand find the vulnerabilities easy that I have to fix on the project. **What do you dislike about SOOS?** currently everything I like, because It cover all that I need. **What problems is SOOS solving and how is that benefiting you?** I can the vulnerabilities quickly on the project. **Official Response from Kaitlyn Booth:** > It's great to hear that SOOS is effectively helping you identify and address vulnerabilities in your projects. We appreciate your feedback and are dedicated to supporting your security efforts. Best, Kaitlyn ### 17. SOOS **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Internet | Small-Business (50 or fewer emp.) **Reviewed Date:** February 12, 2024 **What do you like best about SOOS?** Good SBOM generation with information including some findings. Support to generate SBOM for multiple platforms with different languages **What do you dislike about SOOS?** Need to click generate SBOM and downlaoding after some time + individually **What problems is SOOS solving and how is that benefiting you?** SBOM generation **Official Response from Kaitlyn Booth:** > Hi there! We appreciate you so much for taking the time to leave us a review and we are very excited to hear you are getting so much use of the SOOS SBOM generation feature! Check out our SBOM Manager offering if you have third-party SBOMs that need to be monitored as well. SBOM Manager also gives you the power to compile individual project SBOMs into one master product SBOM for export. We do have options that you could explore that would alleviate your need to click to generate individual SBOMs and make it more automated. Reach out to us at support@soos.io so we can share the details and work with you to customize a plan to make SBOM generation more efficient. Best, Kaitlyn ### 18. Tool track security vulnerabilities **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** February 15, 2024 **What do you like best about SOOS?** Supports npm, nuget and easy to find security vulnerabilities in the open source used in the project. Also, Soos suggest possible solutions and allows to download reports. **What do you dislike about SOOS?** Easy to use. No problem so far and still long way to go. **What problems is SOOS solving and how is that benefiting you?** used to track security vulnerabilities of various open sources used in project and helped to choose right version and right tools **Official Response from Kaitlyn Booth:** > Thank you for sharing your positive experience with SOOS. We're pleased to hear that it has been helpful in identifying security vulnerabilities and providing possible solutions. We'll continue to enhance our platform to better serve your needs. Best, Kaitlyn ### 19. Simple Tool for all you SCA and DAST needs. Support Team are amazing **Rating:** 4.5/5.0 stars **Reviewed by:** Chris S. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 28, 2023 **What do you like best about SOOS?** Simple integration with all our Azure DevOps Pipelines. Easy to find the issues and gives suggestions on fixes making remediation very simple Dashboard is nice and simple and allows customisation. My Team like the tool which can be hard to please everyone **What do you dislike about SOOS?** DAST may not be as strong as some other offerings but still amazing value. DevOps Integration is not directly in the pipeline but minor issue that am sure will be resolved. Anything else in SOOS not to your liking, you can raise suggestions to support and they consider for addition in the future which is great as already seen some of these in only a few months of using the product. **What problems is SOOS solving and how is that benefiting you?** SOOS provides a single point of view of ALL our security vulnerabilities and Licensing issues. You instantly know how good or bad things are and what needs to be addressed that could be putting you at risk. **Official Response from Becca Newton:** > Hi Chris - we really appreciate you taking the time to review SOOS. We are so glad to hear you are getting value out of the product, and out of our support team. Users like you are what help us drive the direction of the product, so please don't hesitate to keep the suggestions coming! ### 20. Efficiently and Easily Manage Third-Party Code **Rating:** 5.0/5.0 stars **Reviewed by:** Arunabh R. | Chief Information Security Officer, Mid-Market (51-1000 emp.) **Reviewed Date:** January 27, 2023 **What do you like best about SOOS?** Very easy to set up and has a very good dashboard with insights into OSS licenses and vulnerabilities. I also liked that their tech team was open to ideas and enhancements and suggestions. **What do you dislike about SOOS?** There are a few features that can be extended like single click reports export of all projects but from my interaction with Soos, this is a feature under development. That said, it is also easy to export the reports one project at a time but is a manual effort and time-consuming. **What problems is SOOS solving and how is that benefiting you?** We started with one problem at hand i.e. license management of the OSS packages included in our codebase, then came the vulnerabilities associated with them. Our investors also wanted the license information so that they do not invest in an application that would fall under the public license domain just because certain OSS licenses mandate the code to be made public just by using them. Soos makes that curation part super easy. **Official Response from Becca Newton:** > Arunabh, thank you so much for taking the time to review SOOS. Glad we've been able to provide a good experience so far. We are always striving to make the product better, so please keep the feedback coming! ### 21. SOOS delivers everything we need for SCA & DAST **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Pharmaceuticals | Mid-Market (51-1000 emp.) **Reviewed Date:** June 07, 2023 **What do you like best about SOOS?** We loved that SOOS met all our base requirements for SCA & DAST. The product support and admin support has been wonderful. We have even had positive response about a future feature request we submitted. Hoping for many, many more great features to be added as the product develops. Awesome experience so far! **What do you dislike about SOOS?** We were a bit disappointed that SOOS did not have the Microsoft Azure DevOps integration built in yet. Having said that however, SOOS has committed to bringing this requirement into their roadmap. We are looking forward to seeing this soon! **What problems is SOOS solving and how is that benefiting you?** Initially SCA and understanding vulnerabilities within the software components. Now want to integrate it directly to Azure DevOps to make the experience even more seemless. **Official Response from Kaitlyn Booth:** > Hi there! Thank you so much for taking your time to leave us a review and share your impressions of our SCA and DAST offerings! Thank you for helping us highlight the importance of a more robust Azure DevOps integration for current and future customers like yourselves. We have added several items to our development roadmap in Q3&4 this year that we are looking forward to releasing to expand DevOps capabilities. Feedback like yours is what helps us continue to make our tools meet the needs of our customers. We're always happy to hear any feedback, ideas, or feature requests you may have. All the best, Kaitlyn ### 22. Really easy to integrate with SCA **Rating:** 5.0/5.0 stars **Reviewed by:** Gonzalo O. | Small-Business (50 or fewer emp.) **Reviewed Date:** February 08, 2023 **What do you like best about SOOS?** When we started using the tool we were surprised by how easy and intuitive it was to get started, as it only required some basic pipeline-setup knowledge and there are several examples available that truly "just work". We find the app-provided feedback to be super helpful and actionable. **What do you dislike about SOOS?** We didn’t find any particular low-lights, just a few small nuances, like some issues being listed as critical (that our team thinks are less critical), or having to manually add the product on each pipeline (as we have 100+ services), but this only has to be done once. **What problems is SOOS solving and how is that benefiting you?** We find the dashboard to be super helpful, as it allows us to easily order issues by criticity and provides the tree of dependencies. Furthermore it also provides several details on each issue & recommended steps to fix each instance.Finally we found the licensing report to be really important, and definitely adds value as it allows to quickly identify licensing implications (e.g. open software usage, incompatible licenses, etc.) **Official Response from Becca Newton:** > Gonzalo - thank you so much for taking the time to review SOOS! We appreciate your feedback, and are glad to hear the app feedback has been helpful. We appreciate all feedback, so please don't ever hesitate to reach out! ### 23. Complete evaluation of our applications **Rating:** 4.0/5.0 stars **Reviewed by:** Brallan G. | SRE & DevOps Engineer, Program Development, Mid-Market (51-1000 emp.) **Reviewed Date:** February 21, 2023 **What do you like best about SOOS?** With the integration we have in our pipelines, the ability to provide continuous assessment of software security as changes are made to the application and new dependencies are added has been very useful. Additionally, SOOS has been of great importance for our certification processes (Hitrust, SOC2) **What do you dislike about SOOS?** I think SOOS needs a dashboard with more complete reports, reports that allow filters and more specific groupings, for example listing the projects with the same vulnerability, grouping the projects by team would be very useful. **What problems is SOOS solving and how is that benefiting you?** SOOS has been of great importance for our certification processes (Hitrust, SOC2) as it provides us with part of the necessary tests, and the integration with Vanta makes things much easier for us by allowing us to centralize the information of our platforms. **Official Response from Becca Newton:** > HI Brallan - thank you for your review of SOOS. Happy to hear our tools have been helpful, especially in your certification processes! As for our dashboards, thanks for the feedback. We are actively working on updating our reporting, so stay tuned for more information on that. ### 24. Very useful tool when upgrading and updating existing old infrastructure. **Rating:** 4.0/5.0 stars **Reviewed by:** Jacob T. | Software Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** March 02, 2023 **What do you like best about SOOS?** Getting automated reports generated from Azure DevOps pipelines makes it extremely easy to implement into new or existing workflows and ensure that security concerns are recognised where they may not be otherwise. **What do you dislike about SOOS?** Some features of the website are unintuitive for new users. For example, it is unclear what will happen / needs to happen when a scan discovers packages it does not recognise. **What problems is SOOS solving and how is that benefiting you?** Currently completing a cloud migration and utilising SCA for security analysis whilst upgrading packages and brining tech debt under control. **Official Response from Becca Newton:** > Jacob - thanks for taking the time to review SOOS! We're excited to hear it's been helpful in upgrading your infrastructure. Thanks for the feedback on the new user experience, I will be sure to get this back to the team. Please don't ever hesitate to reach out with additional feedback. ### 25. The people are friendly and knowledgeable and they build software that is easy to use. **Rating:** 5.0/5.0 stars **Reviewed by:** Andrew C. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 03, 2023 **What do you like best about SOOS?** The implementation was easy and the results are instant. The dashboard is great and allow us to quickly identify problem areas in our apps. **What do you dislike about SOOS?** I would like more feedback when I run the scans so that I dont have to visit the dashboard to get that information. **What problems is SOOS solving and how is that benefiting you?** They make it very easy to identify vulnerabilities in our apps. The clarity in which they present the information helps so that we know which vulnerabilities are a greater threat vs which are not. **Official Response from Becca Newton:** > Thank you for the great review of SOOS Andrew - we really appreciate it! We are always working on improving the platform, and I'll be sure to make the team aware of your concerns on having to consistently go back to the dashboard for information. If you have any other feedback you would like to share, please don't hesitate to contact us. ### 26. Simple and does exactly what we want, great support team **Rating:** 5.0/5.0 stars **Reviewed by:** David R. | Software Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** October 12, 2022 **What do you like best about SOOS?** The support team is quick to respond to our questions and suggestions to improve their software. Additionally, we have tested this product side-by-side with others in the industry and have found it performs better than many others, accurately finding and reporting things that some competing products did not. The flexibility on where and when the SOOS scans run is excellent and we believe their solution is setup in such a way to best handle growth in our company. **What do you dislike about SOOS?** The reporting, while accurate, leaves a lot to be desired in looks and accessibility. We brought up the fact that we would love to have formatted reports that we can easily hand to clients and have them understand with SOOS's support team and we were told this is a feature in development. Looking forward to the final product! **What problems is SOOS solving and how is that benefiting you?** SOOS takes a lot of time out of scanning and discovering coding and surface level security issues by running these scans for us and alerting us of issues discovered on a regular basis. **Official Response from Becca Newton:** > David, thank you so much for taking the time to provide a review of SOOS. We appreciate your feedback and are always striving to improve upon the product. Improved reporting is a priority for us, so stay tuned for more information coming soon! ### 27. A centralized place to analyze and fix our vulnerabilities **Rating:** 3.5/5.0 stars **Reviewed by:** Yvan C. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 23, 2023 **What do you like best about SOOS?** A unique place where I can easily check the vulnerabilities we have on many repositories. The analysis is pretty quick and the platform well designed which is enable its friendly used. **What do you dislike about SOOS?** The platform is vast and I feel lost sometimes between the table. I need to spend more time on the documentation to understand it well. **What problems is SOOS solving and how is that benefiting you?** It enables me to fix the vulnerabilities I have in my repositories, mainly in the python libraries. **Official Response from Becca Newton:** > Thank you for your feedback Yvan, we truly appreciate it. We realize there is a lot of information on the SOOS platform, and are more than willing to spend some time walking through it. Please contact us if that would be helpful. Thanks! ### 28. Easy to Use Product with Good Support **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** May 08, 2023 **What do you like best about SOOS?** It is easy to navigate around the website and setup integration with GitHub. The price is very affordable. **What do you dislike about SOOS?** While it may not have all of the same features as other software, they did already take our suggestion and released an update to include a feature we needed. **What problems is SOOS solving and how is that benefiting you?** The software is allowing us to find out what security issues we have with our code so that we can fix them. **Official Response from Kaitlyn Booth:** > Hi there - We really appreciate you taking the time to review SOOS! We are so glad to hear that the GitHub integration and app UI are easy to use and that you are getting value out of the product. I'm also happy we could improve your experience by adding a feature request. Users like you are what help us drive the direction of the product, so please don't hesitate to keep the suggestions coming! ### 29. Strong vulnerability management product, fast ui, and responsive team **Rating:** 4.5/5.0 stars **Reviewed by:** Matthew F. | Mid-Market (51-1000 emp.) **Reviewed Date:** June 09, 2023 **What do you like best about SOOS?** I liked how quickly feature requests were addressed. I really appreciate the speed of the solution, the ui doesn't drag at all. It's cheap! **What do you dislike about SOOS?** I wish there was stronger support for bitbucket, particularly automated PR requests. **What problems is SOOS solving and how is that benefiting you?** Managing open-source vulnerabilities and open-source licenses and supporting our SOC2 responsibilities around this. **Official Response from Kaitlyn Booth:** > Hi there! Thank you so much for taking your time to leave us a review and share your impressions of our SCA and DAST offerings! We absolutely want to expand to provide support for direct Bitbucket integration, much like the integration we offer now for GitHub. We've got a Bitbucket integration epic on our development roadmap and are chipping away in that direction. We'll send out an announcement when the time comes but please feel free to check in with us if you're interested in the status. We're also glad to hear SOOS is helping you keep your SOC2 tasks under control! All the best, Kaitlyn All the best, Kaitlyn ### 30. Still learning how to tune the product **Rating:** 3.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** May 03, 2023 **What do you like best about SOOS?** Provides a nice way to manage supply chain defenses **What do you dislike about SOOS?** Seems to over-include packages, creating false positives for things that aren't in our BOM. Need to understand how to configure the system to get a more accurate result. Also, would like a CSV export of vulnerability data to make it possible to create necessary reports for stakeholders. **What problems is SOOS solving and how is that benefiting you?** Supply-chain defenses and management. **Official Response from Kaitlyn Booth:** > Hi there - Thank you for sharing your impressions on your use of our tool! I wanted to provide some insight regarding the inclusion of packages not directly declared in your BOM. By default SOOS inspects not only your direct dependencies, but also your transitive dependencies to ensure that we find any issues, including those lurking deep in your dependency tree. This can be a shock if you've been using other tools that only look at your direct dependencies. You can see this within the dependency tab of your project details along with the introduction paths that will tell you exactly where that dependency came from. That said, this dependency tree scan depth setting is customizable either globally or at the project level so you can configure your scans to only inspect direct dependencies if you would prefer that. Additionally, you can choose to include or ignore dev/test dependencies, and/or use lock files as the source for the dependency tree. We're confident in our abilities to locate issues and resolve dependencies, but if you think you found a problem, definitely let the support team know and we'll take a look. We are also more than happy to provide you guidance and resources so you can fine-tune your scans in a way that better fits your needs. You can get in touch with SOOS Support using the 'Help' link in the left nav. menu within the app or using the support widget found on our main site. As for CSV exports, these are on our list to be added soon! In the meantime we have many other export options, including SARIF, SPDX SBOMs, VEX, and CycloneDX SBOMs in a variety of file types (JSON, HTML, Text, HTML). ### 31. The SOOS toolset gives us peace of mind **Rating:** 5.0/5.0 stars **Reviewed by:** Smara F. | Director of Engineering, Mid-Market (51-1000 emp.) **Reviewed Date:** October 26, 2022 **What do you like best about SOOS?** Their product is easy to use and they iterate on it constantly. The team has been responsive and knowledgeable to any asks we've had in the past. SOOS allows us to shift left on security and make it part of our continuous delivery. **What do you dislike about SOOS?** Nothing so far. I don't love the fact that there are security vulnerabilities we need to deal with but knowing is better than not knowing and SOOS empowers our team with actionable security insights. **What problems is SOOS solving and how is that benefiting you?** Keeping our technology secure so that we can better serve our clients and their clients. **Official Response from Becca Newton:** > Smara, thank you for your support and feedback. As one of the earliest adopters of SOOS, your we can't thank you enough for your insights. ### 32. Quick setup and great insights **Rating:** 5.0/5.0 stars **Reviewed by:** Erik P. | CTO, Small-Business (50 or fewer emp.) **Reviewed Date:** November 17, 2022 **What do you like best about SOOS?** Configured an account and was up and running in minutes. The results allow us to proactively address vulnerabilities before they become concerns and will go a long way to supporting our secure development practices. **What do you dislike about SOOS?** I have not found a downside yet. We did have a slight delay in setting up one user but overall the process was smooth and easy. **What problems is SOOS solving and how is that benefiting you?** As we continuously improve our development practices and security profile, being proactive about library vulnerabilities and OSS licensing was our nextstep. **Official Response from Becca Newton:** > Erik, thank you for your support and feedback of SOOS! We are glad to hear you are having a positive experience so far. ### 33. SOOS SCA helps us ensure we are secure system wide all day every day **Rating:** 5.0/5.0 stars **Reviewed by:** David S. | Director of Strategic Acquisitions, Small-Business (50 or fewer emp.) **Reviewed Date:** November 15, 2022 **What do you like best about SOOS?** Easy and straightforward to use. From the easy plugins, to the excellent dashboard, the feature set helps us every day without taking a lot of time. This is very important as we could need to change our code at any time. **What do you dislike about SOOS?** Nothing specifically to dislike. The only thing I'd say is I hope SOOS keeps coming out with new features quickly, There is always something that helps us with new releases. The quicker, the better for us. **What problems is SOOS solving and how is that benefiting you?** Simply put, it reduces our risk and development time spent looking for vulnerabilities. The cost savings, both from risk and time savings, are enormous. This allows us to turn out features at a faster rate. **Official Response from Becca Newton:** > David, thank you for your support and feedback. We are glad to hear you are having a positive experience so far with SOOS. We continue to strive to get features out quickly, and always appreciate customer feedback, so please keep it coming! ### 34. SCA is really good we are able to integrate to our Pipeline **Rating:** 4.5/5.0 stars **Reviewed by:** pradeep j. | Sr. Architect, Mid-Market (51-1000 emp.) **Reviewed Date:** November 17, 2022 **What do you like best about SOOS?** Reports that is generated is very good and very user firendly **What do you dislike about SOOS?** Not able to schedule the scan as per the frequency of my need, frequency time is fixed which is not so user friendly **What problems is SOOS solving and how is that benefiting you?** We are able to generate the reports that are required for security release and tool is giving the complete list of packages what we have used along with licenses of the same **Official Response from Becca Newton:** > Pradeep, thank you for your review of SOOS. We appreciate the support and feedback. We are continuously looking for ways to improve the product, and will certainly take your frequency concerns into consideration. ### 35. Amazing and simple tool for SCA and DAST **Rating:** 4.5/5.0 stars **Reviewed by:** Jinal P. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 01, 2023 **What do you like best about SOOS?** Easy to start with! Simple integration with Azure DevOps pipelines Easy to find issues and resolutions for the same Great support **What do you dislike about SOOS?** Nothing found till now! Overall Great experience! **What problems is SOOS solving and how is that benefiting you?** We scanned our next js source code and helped us to find and fix vulnerabilities and keep our Application and Source Code Secure. **Official Response from Becca Newton:** > Hi Jinal, thank you for taking the time to review SOOS! We are glad you are enjoying your experience with the tool. Please don't ever hesitate to reach out with questions or feedback. ### 36. One of best SCA tools **Rating:** 4.5/5.0 stars **Reviewed by:** Deepshikha C. | Small-Business (50 or fewer emp.) **Reviewed Date:** March 01, 2023 **What do you like best about SOOS?** It helped us get insights from others in our industry to make better, more informed decisions. **What do you dislike about SOOS?** None so far but it so vast so can make it better for ease of understanding. **What problems is SOOS solving and how is that benefiting you?** In our organization, it helped a lot to get the correct product by comparing it with other products and features. **Official Response from Becca Newton:** > Deepshikha, thank you so much for your review of SOOS! We know there is a lot of information to go through, and if it would be helpful to have someone walk you through it, please don't hesitate to contact us. We want to make sure you have the best experience as possible with the platform. ### 37. SOOS is the easy button for SCA. **Rating:** 5.0/5.0 stars **Reviewed by:** Jeff G. | Application Security Engineer **Reviewed Date:** September 29, 2022 **What do you like best about SOOS?** SOOS works about as well as Snyk or Sonatype for SCA, and at about 0.1% of the price. Their support has been super responsive and helpful when we have run into issues. **What do you dislike about SOOS?** They are early-stage and sometimes things don't quite work as you would expect, or there is missing data. But their support has been extremely responsive when we run into any bad data or usability issues and we've seen continuous improvements just in the few months we've been using the product. **What problems is SOOS solving and how is that benefiting you?** We are primarily using SOOS for the license analysis feature. We can scan every repository on every commit and analyze whether risky licenses (specified by the legal department) have been added to the project. **Official Response from Becca Newton:** > Jeff, thank you for your support, we're glad to hear you are enjoying SOOS so far. Please don't ever hesitate to reach out with additional feedback. Client input is critical to our success! ### 38. Amazing team and great tools! **Rating:** 5.0/5.0 stars **Reviewed by:** Heather D. | SVP, Technology, Mid-Market (51-1000 emp.) **Reviewed Date:** November 16, 2022 **What do you like best about SOOS?** We were fortunate enough to be a beta partner for SOOS and couldn't be happier. They have been extremely responsive and have made quick improvements based on some of our suggestions. The tools they offer are intuitive and easy to use - it's so helpful having all the information I need to make security related decisions at my fingertips on a single dashboard! **What do you dislike about SOOS?** Nothing. I love working with this company and their amazing team! **What problems is SOOS solving and how is that benefiting you?** It helps give me the information I need to prioritize security vulnerabilities and fixes **Official Response from Becca Newton:** > Heather, thank you for taking the time to review the SOOS DAST Tool. As one of our earliest adopters, your feedback in extremely valuable. We appreciate your support! ### 39. SOOS has integrations with the software artefact distribution capabilities of RKVST. **Rating:** 5.0/5.0 stars **Reviewed by:** Robert B. | Co-Founder & VP Business Development, Small-Business (50 or fewer emp.) **Reviewed Date:** November 21, 2022 **What do you like best about SOOS?** Very easy to get started and follow guidelines to begin sharing artefacts **What do you dislike about SOOS?** Nothing to dislike here, this is how all SCA tool should be. **What problems is SOOS solving and how is that benefiting you?** Meeting comlpliance to regulations that call for sharing of software supply chain artefacts. **Official Response from Becca Newton:** > Rob - thank you for your support of SOOS! Our RKVST integration is a wonderful way to share SBOMs and we are excited to offer it as an option to our customers. ### 40. SOOS keeps our code safe **Rating:** 5.0/5.0 stars **Reviewed by:** Hank B. | CTO, Small-Business (50 or fewer emp.) **Reviewed Date:** November 17, 2022 **What do you like best about SOOS?** Really friendly UI - loads of info. Support was also great. **What do you dislike about SOOS?** Sometimes too much info but other than that it's great **What problems is SOOS solving and how is that benefiting you?** It keeps our inventory current - and very easy to show customers **Official Response from Becca Newton:** > Hank - thank you so much for taking the time to review SOOS! I'm glad to hear you are enjoying your experience so far. Please don't hesitate to reach out with any feedback! ### 41. SOOS - A diamond discovery... **Rating:** 5.0/5.0 stars **Reviewed by:** Marlon B. | CTO, Small-Business (50 or fewer emp.) **Reviewed Date:** December 13, 2021 **What do you like best about SOOS?** Giving Legal, IT, developers, & management peace of mind for only $99/month - it's a fantastic value at an unbelievable price. We've tested SOOS against the biggest companies out there who are providing the same features and the results are awesome. Why pay hundreds of dollars per month for 10 users when you can go unlimited with SOOS for only $99/month? **What do you dislike about SOOS?** There's nothing to dislike - they respond with gusto whenever there's a question or a possible issue. **Recommendations to others considering SOOS:** Start using it now, even if you're using a competitive product. At $99/month it's a no-brainer to see first-hand the value it delivers. Give it a try for a few months and watch your team gravitate towards SOOS and away from the other product you were using... then watch your bottom line expand as you focus your monthly spend away from those other products and towards SOOS. $99/month! **What problems is SOOS solving and how is that benefiting you?** We needed certainty that our software wasn't leveraging open source components that have known vulnerabilities; SOOS definitely handles this with ease. We also needed to know if a new library was introduced that violated our software license policies; again, SOOS delivered and continues to deliver. **Official Response from Becca Newton:** > Marlon, thank you for your support and feedback. We are happy you are enjoying SOOS and hope you continue to reach out with any feedback you have! ### 42. SOOS - you can't afford not to. **Rating:** 5.0/5.0 stars **Reviewed by:** Jim B. | SVP, Small-Business (50 or fewer emp.) **Reviewed Date:** December 14, 2021 **What do you like best about SOOS?** Cost-effective for startups. I always put off scanning my open-source libraries because the cost was too high to bear. SOOS takes that off the table. **What do you dislike about SOOS?** It's a young product, but continuous improvement and customer focus means new releases frequently have the features or corrections we requested. **What problems is SOOS solving and how is that benefiting you?** Clear understanding of open-source vulnerabilities in our code. **Official Response from Emily Peden:** > Thank you for your feedback! We are committed to continuous improvement and customer satisfaction, and we're glad to hear that our efforts are making a difference for you. - [View SOOS pricing details and edition comparison](https://www.g2.com/products/soos/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-24+13%3A13%3A43+-0500&secure%5Bsession_id%5D=7e5f1ead-e9f5-43e3-9c5b-0a41e8e5c272&secure%5Btoken%5D=fb70c0b8dfd3adebfc595929155f4ba2577a1409a48a3df4d6fd3c7361ae6b6e&format=llm_user) ## SOOS Features **Administration** - API / Integrations - Extensibility **Functionality - Software Composition Analysis ** - Language Support - Integration - Transparency **Security** - Tampering - Malicious Code - Verification - Security Risks **Functionality - Software Bill of Materials (SBOM)** - Format Support - Annotations - Attestation **Analysis** - Reporting and Analytics - Issue Tracking - Static Code Analysis - Vulnerability Scan - Code Analysis **Effectiveness - Software Composition Analysis** - Remediation Suggestions - Continuous Monitoring - Thorough Detection **Tracking** - Bill of Materials - Audit Trails - Monitoring **Management - Software Bill of Materials (SBOM)** - Monitoring - Dashboards - User Provisioning **Testing** - Test Automation - Compliance Testing - Black-Box Scanning - Detection Rate - False Positives ## Top SOOS Alternatives - [Snyk](https://www.g2.com/products/snyk/reviews) - 4.5/5.0 (132 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) - 4.3/5.0 (105 reviews) - [GitHub](https://www.g2.com/products/github/reviews) - 4.7/5.0 (2,284 reviews)