We performed a comparison between Snyk and Trend Micro Cloud One based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, seamless integration, and ability to automatically generate pull requests. It particularly shines in software composition analysis and supports container usage. Trend Micro Cloud One is praised for its extensive range of features, strong vulnerability protection, and real-time server security. Snyk users say the solution could improve in terms of compatibility and reporting while expanding its vulnerability database. Trend Micro Cloud One should focus on providing equal support for AWS and Azure and enhance its automation capabilities.
Service and Support: Reviewers say Snyk should overhaul how it organizes and prioritizes requests. Trend Micro Cloud One was commended for its exceptional and easily accessible technical support. Users value the expertise and knowledge of the Trend Micro team.
Ease of Deployment: Most Snyk users found the setup process uncomplicated, but some needed professional guidance. Difficulties arose when collaborating with multiple developers and integrating Snyk with specific tools. Some found Trend Micro Cloud One easy to set up, while others found it complicated. It could pose challenges for individuals without a background in IT or information security. The deployment time varied depending on the complexity of the system.
Pricing: Snyk has a higher setup cost than other solutions, while Trend Micro Cloud One falls in the middle. Snyk offers a free open-source version, whereas additional services for Trend Micro Cloud One come at an added cost. The view of Trend Micro Cloud One's pricing is generally positive.
ROI: Snyk provides a budget-friendly option for detecting vulnerabilities in open-source software, which may offset yearly subscription costs. Trend Micro Cloud One offers a versatile return on investment and smooth integration without any reported issues.
Comparison Results: Snyk emerges as the favored choice compared to Trend Micro Cloud One. Users like Snyk's developer-oriented approach and valuable functionalities like automatic pull requests and software composition analysis. They also highlight its compatibility with containers and accurate identification of security vulnerabilities. Trend Micro Cloud One users want more automation and a more comprehensive feature set.
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The stability is quite good."
"The product helps us understand our environment better."
"I really like Trend Vision One - Cloud Security's dashboard."
"The tech support is excellent. They really know their products. They also know a lot of about the integrations between different solutions."
"Vision One is versatile and can be integrated with many SIEMs. You're not limited to only one SIEM, such as Microsoft Sentinel. The API integrations are seamless, and we have all the documentation needed to integrate Vision One via API."
"The most valuable features are intrusion prevention and anti-malware capabilities."
"The the most valuable feature is the scanning engine. It does not impact server performance. It's very lightweight."
"Virtual patching is one of the key features, which is executed with their IPS."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"Basically the licensing costs are a little bit expensive."
"The dashboard should be a bit more intuitive."
"The initial setup can be complex for the inexperienced."
"Trend Vision One - Cloud Security could improve connections with different types of authentication and user groups concerning cloud services."
"The local agent should be able to show more logs. At present, the logs are only available from the web console and not from the local agent."
"The initial setup is easy for someone who operates container platforms on a daily basis. However, it could be difficult for those coming purely from informational security or another field of an IT."
"Securing S3 using Trend Vision One - Cloud Security can cost too much. Trend Vision One - Cloud Security has a tool that requires lots of privileges. From my understanding, it's only for static application testing, so they need to add dynamic application testing, and there should be more collaboration with the application testing tools on the market. We have not used this product, and I don't know if they plan to decommission it or something. They should focus on application security because this tool's unique feature is multi-cloud support. However, they should improve integration with tools for these kinds of use cases, especially application security and dynamic scanning. For example, I would like it to support Dell SecureOps. I'd also like to see some enhancements to API gateway security."
"They should provide a way for users to see violations for specific compliance."
"The workbook insights generate a massive list, making it inconvenient to review."
More Trend Vision One - Cloud Security Pricing and Cost Advice →
Snyk is ranked 4th in Application Security Tools with 41 reviews while Trend Vision One - Cloud Security is ranked 13th in Application Security Tools with 17 reviews. Snyk is rated 8.2, while Trend Vision One - Cloud Security is rated 8.6. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Trend Vision One - Cloud Security writes "We can quickly deploy cloud conformity, provides good visibility, and control". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Trend Vision One - Cloud Security is most compared with Microsoft Defender for Cloud, AWS GuardDuty, Check Point Harmony Email & Collaboration, Prisma Cloud by Palo Alto Networks and AWS Security Hub. See our Snyk vs. Trend Vision One - Cloud Security report.
See our list of best Application Security Tools vendors and best Container Security vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
