We performed a comparison between Aqua Security Platform and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Aqua Security Platform is highly appreciated for its ability to secure container images, identify vulnerabilities, and detect malware. Snyk is acclaimed for being developer-friendly, offering automatic pull request creation and software composition analysis. Aqua Security Platform could improve by automating reporting and log forwarding. Users also complain that it is too resource-heavy. Snyk could focus on improving compatibility and reporting capabilities. Reviewers said that Snyk could automate remediation and simplify functions.
Service and Support: Aqua Security Platform's customer service is generally considered prompt and supportive, but some users reported that they had to fix some issues themselves. Some users said Snyk's customer service should improve the way it organizes and prioritizes support tickets.
Ease of Deployment: Users reported varying levels of difficulty with Aqua's setup process, with some saying the solution required specialized knowledge. Snyk's setup was generally considered straightforward, with some variations depending on specific circumstances.
Pricing: Aqua Security Platform is moderately priced. Snyk is considered expensive, particularly for smaller companies. However, some users said the pricing was manageable for larger enterprises.
ROI: Snyk offers a budget-friendly solution that has the potential to offset annual subscription costs by addressing bugs faster. Users offered limited feedback on the ROI for Aqua Security Platform.
Comparison Results: Our users prefer Snyk over Aqua Security Platform. Users appreciate Snyk's straightforward setup and developer-friendly approach. Snyk offers valuable features like scanning, automatic pull requests, and software composition analysis.
"The solution was very user-friendly."
"The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too."
"The most valuable feature is the security."
"From what I understand, the initial setup is simple."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"The most valuable features are that it's easy to use and manage."
"We use Aqua Security for the container security features."
"The container security element of this product has been very valuable to our organization."
"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."
"What is valuable about Snyk is its simplicity."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"Snyk is a good and scalable tool."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"The solution could improve user-friendliness."
"It's a bit hard to use the user roles. That was a bit confusing."
"Aqua Security lacks a lot in reporting."
"In the next release, Aqua Security should add the ability to automatically send reports to customers."
"The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better."
"I would like Aqua Security to look into is the development of a web security portal."
"There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management."
"Since we are working from home, we would like to have the proper training for Aqua."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
Aqua Cloud Security Platform is ranked 7th in Container Security with 16 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Aqua Cloud Security Platform is rated 8.0, while Snyk is rated 8.2. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Red Hat Advanced Cluster Security for Kubernetes, SUSE NeuVector and Sysdig Secure, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and GitLab. See our Aqua Cloud Security Platform vs. Snyk report.
See our list of best Container Security vendors and best DevSecOps vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.