We performed a comparison between GitHub and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The features that I have found most valuable are that it can support you for most of the road map and it can automate some tasks which works really well with collaboration with the teams. They are really interested in how they organize the history of the code itself which is good."
"We can make a private repository."
"Any complex banking can be handled very easily in GitHub. It allows us to integrate with tools like Grid, where we can merge and resolve conflicts without any hassle."
"GitHub's source code management is top-notch. It's easy to inspect changes and visualize code and differences. Their action system is comprehensive in terms of making changes and automation."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"The code versioning is excellent, and having a detailed log, including every change made to the code by every developer, is invaluable. It makes it so that if there is a bug or problem in the product channel, we can find exactly where it happened and how to fix it."
"The most valuable features are GitHub are the standard features, they are very useful."
"We use GitHub instead of our regular shared drive. It offers instant access to shared folders as well as good security."
"Snyk is a developer-friendly product."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"GitHub could expand the limits of the free version."
"The product must document the CI/CD process more."
"The only thing I see missing in GitHub is that it isn't very user friendly for key personnel who don't have in-depth, technical knowledge. In Jira, there are many functions to upload our test cases, and in GitHub we can only do it manually. There are functions which can be used to upload different files, but that still requires some technical knowledge. A layman cannot do it."
"The onboarding process could be simplified."
"GitHub uses basic configuration, but messaging is not clear."
"It would be beneficial if GitHub provided some security scanning for new libraries to ensure that there are no viruses in it."
"The storage for this solution could be improved."
"GitHub needs to improve its UI."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"The solution's integration with JFrog Artifactory could be improved."
"The product is very expensive."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"Compatibility with other products would be great."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities."
GitHub is ranked 12th in Application Security Tools with 69 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. GitHub is rated 8.6, while Snyk is rated 8.2. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". GitHub is most compared with AWS CodeCommit, Bitbucket, Fortify on Demand, Atlassian SourceTree and Checkmarx One, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Mend.io. See our GitHub vs. Snyk report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.