Overview
Product Information on Snyk Open Source
What is Snyk Open Source?
Snyk Open Source Pricing
Snyk Open Source Product Images
Overall experience with Snyk Open Source
“Continuous Code Scanning and Security Screening Features with Good Reporting”
“Traditional SCA Solution Faces Modern Challenges”
About Company
Company Description
Snyk specializes in providing security solutions that enable security teams and developers to work together to reduce application risk and speed software delivery. By integrating application security into developers' workflows, Snyk aims to help organizations secure their applications from code creation to cloud deployment. The end-to-end view of applications gives developers and security the shared perspective to improve security posture, while enhancing developers' productivity, preventing issues early in the development cycle, and allowing for the fastest response when security events like zero days occur.
Company Details
Do You Manage Peer Insights at Snyk?
Access Vendor Portal to update and manage your profile.
Key Insights
A Snapshot of What Matters - Based on Validated User Reviews
Reviewer Insights for: Snyk Open Source
Deciding Factors: Snyk Open Source Vs. Market Average
Performance of Snyk Open Source Across Market Features
Snyk Open Source Likes & Dislikes
The CLI scanning tools are very powerful. The UI is intuitive and has very good reporting dashboards. The API is powerful and can be used for data extraction. There are multiple integrations available such as Jira, GitHub, BitBucket, Artifactory.
Easy to deploy, results are pretty accurate and customizable for most needs related to vulnerabilities and license checks. Also (I think) that they support the highest number of technologies when compared to other SCA solutions in the market.
After running a scan, automatic checks compare the used dependencies with new vulnerabilities regularly without any interaction. If vulnarabilities occur, alert mails are send so the issue can be address fast.
Sometimes, when importing repos into Snyk, the import fails but the reason is not obvious. This can be due to dependencies not being accessible - for example, they are in Artifactory - or because the version of the tools (python, java) or package manager (e.g. npm, maven) used in the repo don't match the versions used by Snyk.
When talking about large scale, they had many issues with the integration to GitHub such as rate limit issues, failing scans, etc. The product is also unaware of the code context without a runtime agent and its reachability checks aren't good enough.
The scan process does not address relationships in multi project builds so duplicate alerts are send for the same issue in all downstream projects
Top Snyk Open Source Alternatives
Peer Discussions
Snyk Open Source Reviews and Ratings
- IT Security & Risk Management AssociateGov't/PS/EdEducationReview Source
Continuous Code Scanning and Security Screening Features with Good Reporting
Snyk is used to continuously scan our code base as well as providing security screening by means of the Pull Request Checks. The interface and API provide a great way to manage vulnerability issues. - PRINCIPAL SOFTWARE ENGINEER<50M USDIT ServicesReview Source
Automatic Alerts Enable Fast Response to New Vulnerabilities in Dependencies
Easy to set up (just install scanner, authenticate, run monitor), UI is informative and easy to read. Automatic mails with alerts help to address issues fast - Cybersecurity Analyst<50M USDTransportationReview Source
Security Analysts Find Snyk Useful but Note Missing Task Tracking Capabilities
Snyk has proven quite useful for us to enable code security. Its features and integrations give you the ease of managing code vulnerabilities and mitigation operations. - Software Development Manager50M-1B USDSoftwareReview Source
Heavily easy to take into use
This is a truly developer friendly tool, very easy to onboard and get results - Head of Platform Engineering<50M USDSoftwareReview Source
Great tooling with comprehensive support and solid customer service.
Great product, great onboarding. They listen to your feedback well and offer hands on support when you ask for it.