Name: Snyk Code
Rating: 4.3 (135 reviews)

Overview

Product Information on Snyk Code

Updated 2nd April 2024

What is Snyk Code?

Snyk Code is a developer-first SAST solution that keeps pace with modern development, analyzing source code directly with speed and accuracy across the software development lifecycle (SDLC). Snyk’s DeepCode AI engine performs in-depth scans involving single-file, interfile, and data flow analysis in real time, ensuring accurate scans that remove false positive results and earn developer trust. In addition to providing visibility and governance during development, Snyk Code reduces vulnerability backlogs and time-to-fix by providing developers with actionable fixes in-line with code in their IDE, CLI, and pull request workflows.

Overall experience with Snyk Code

Security Analyst

500M - 1B USD, Software

FAVORABLE

“Dynamic Outbound IPs Hinder Snyk Code Integration With Corporate Security Controls”

4.0

May 10, 2026

I've had a very positive experience with Snyk Code overall, the platform is easy to integrate into existing development workflows and provides actionable security insights without slowing down developers. The IDE integrations and pull request feedback are especially useful for catching issues early in the development lifecycle.

Security

<50M USD, Software

CRITICAL

“Snyk Offers Effective Code Security Controls and Developer Feedback Integration”

3.0

Oct 21, 2025

Snyk provides the security controls we require to ensure the code deployed meets our desired security standards.

About Company

Company Description

Snyk specializes in providing security solutions that enable security teams and developers to work together to reduce application risk and speed software delivery. By integrating application security into developers' workflows, Snyk aims to help organizations secure their applications from code creation to cloud deployment. The end-to-end view of applications gives developers and security the shared perspective to improve security posture, while enhancing developers' productivity, preventing issues early in the development cycle, and allowing for the fastest response when security events like zero days occur.

Company Details

Company type

Private

Year Founded

2015

Head office location

Boston, United States

Number of employees

501 - 1000

Website

https://snyk.io/what-is-snyk/

Do You Manage Peer Insights at Snyk?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Snyk Code

Reviewer Insights for: Snyk Code

Deciding Factors: Snyk Code Vs. Market Average

Performance of Snyk Code Across Market Features

Snyk Code Likes & Dislikes

The platform is intuitive, easy to integrate into existing development workflows, and provides valuable security insights without negatively impacting developer productivity. What I like most about the product is how developer-friendly it is, especially the seamless integrations with IDEs, repositories and CI/CD pipelines, which make adoption very straightforward across teams. I also appreciate the quality and clarity of the security findings, since the contextual reocmmendations and remediation guidance help developers undesrstand and fix issues quickly. Another strong point is the real-time feedback during development and pull requests, allowing vulnerabilities and code risks to be identified early without disrupting the workflow.

Commit and deployment pipeline integration - Actionable feedback for developers - Integration with our defect management system

Developer-friendly experience - Clear, contextual findings with remediation guidance that developers can act on without deep security expertise. Strong IDE and CI/CD integrations - Enables early detection of issues directly in the developer workflow, supporting shift-left security. Accurate static analysis - Snyk Code provides meaningful signal with fewer false positives compared to several traditional SAST tools.

One of the main issues we experienced is that the outbound IP addresses used for scanning code... (GitHub repositories) are dynamic because they originate from the Google Cloud Snyk infrastructure. In enterprise environments, this makes it difficult to properly identify and whitelist legitimate Snyk traffic, and it can trigger internal security alerts related to large-scale repository access or repository dump exfiltration. Having an option for fixed or dedicated outbound IP ranges would significantly improve integration with corporate security controls. Another area that could be improved is the amount of noise generated by some findings, esmecially in large projects where prioritization becomes challenging. While the detection capabilities are strong, reducing false positives and iomproving risk-based prioritization would help teams focus faster on the most critical issues. We also found that reporting and customization capabilities could be more flexible for entrerprise use cases. In some scenarios, creating highly tailored dashboards, exports and workflows for different teams requires additional manual work compared to other security platforms.

Additional cost for open source scanning - Filtering of results could be more intuitive

Reporting customization is limited, policy tuning can be challenging at scale, and clarifying feature overlap across the broader Snyk platform can require additional effort.

Top Snyk Code Alternatives

4.5

(409 Ratings)

4.6

(401 Ratings)

4.8

(318 Ratings)

View All Alternatives

Peer Discussions

Snyk Code Reviews and Ratings

4.3

(135 Ratings)

Rating Distribution

5 Star: 53%
4 Star: 41%
3 Star: 3%
2 Star: 1%
1 Star: 1%

Customer Experience

Evaluation & Contracting

4.4

Integration & Deployment

4.5

Service & Support

4.5

Product Capabilities

4.5

Filter Reviews

Sort By:

Most helpful

Last 12 Months

Star Rating

Reviewer Type

Reviewer's Company Size

Reviewer's Industry

Reviewer's Region

Reviewer's Job Function

Security Analyst
50M-1B USD
Software
Review Source
Dynamic Outbound IPs Hinder Snyk Code Integration With Corporate Security Controls
4.0
May 10, 2026
I've had a very positive experience with Snyk Code overall, the platform is easy to integrate into existing development workflows and provides actionable security insights without slowing down developers. The IDE integrations and pull request feedback are especially useful for catching issues early in the development lifecycle.
Software Developer
10B+ USD
Finance (non-banking)
Review Source
Strong Developer-Focuses SAST with Solid Integrations
4.0
May 8, 2026
Overall our experience with Snyk Code has been positive. The product integrates well into developer workflows, provides actionable findings with relatively low false positives, and supports shifting security left. Areas for improvement include reporting customization and greater flexibility in policy tuning for larger or more complex codebases.
IT Security & Risk Management Associate
10B+ USD
Consumer Goods
Review Source
A Developer First SAST Platform That Truly Shifts Left, But Requires Strong Governance To Scale Effectively
5.0
May 4, 2026
Snyk Code has helped our organization truly shift-left, providing scanning and remediation support with different integration points such as an IDE plugin, a CLI, and a WebUI.
IT Security & Risk Management Associate
1B-10B USD
Transportation
Review Source
Smooth integration and responsive support enable vulnerability management, but contextual severity settings need work
4.0
May 28, 2026
The overall experience has been exceptional. The support team is responsive, the product integrates well with what we are doing and they've continued to evolve and develop the solution to meet our needs.
IT Security & Risk Management Associate
50M-1B USD
Media
Review Source
Usability and technical breadth drive strong coverage in application security
5.0
May 15, 2026
In my 15+ years as an application security engineer, I feel the usability and technical breadth of the Snyk Platform is what makes Snyk a leader in AppSec. Snyk recent investments in AI and Agentic SDLC is highly encouraging as we all embrace this evolving technology.

...

Showing Result 1-5 of 137

Recommended Gartner Insights

This service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.

Overview

Product Information on Snyk Code

What is Snyk Code?

Snyk Code Pricing

Snyk Code Product Images

Overall experience with Snyk Code

“Dynamic Outbound IPs Hinder Snyk Code Integration With Corporate Security Controls”

“Snyk Offers Effective Code Security Controls and Developer Feedback Integration”

About Company

Company Description

Company Details

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About Snyk Code

Reviewer Insights for: Snyk Code

Deciding Factors: Snyk Code Vs. Market Average

Performance of Snyk Code Across Market Features

Snyk Code Likes & Dislikes

Top Snyk Code Alternatives

1. Veracode

2. Checkmarx SAST

3. Fluid Attacks Continuous Hacking

Peer Discussions

Snyk Code Reviews and Ratings

4.3

(135 Ratings)

Rating Distribution

Customer Experience

Product Capabilities

Dynamic Outbound IPs Hinder Snyk Code Integration With Corporate Security Controls

Strong Developer-Focuses SAST with Solid Integrations

A Developer First SAST Platform That Truly Shifts Left, But Requires Strong Governance To Scale Effectively

Smooth integration and responsive support enable vulnerability management, but contextual severity settings need work

Usability and technical breadth drive strong coverage in application security

Recommended Gartner Insights

User Sentiment About Snyk Code

Reviewer Insights for: Snyk Code

Deciding Factors: Snyk Code Vs. Market Average

Performance of Snyk Code Across Market Features

Snyk Code Likes & Dislikes