No more typing reviews! Try our Samantha, our new voice AI agent.

ArmorCode vs Snyk comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Cloud by Palo Alto N...
Sponsored
Ranking in Application Security Posture Management (ASPM)
7th
Average Rating
8.6
Reviews Sentiment
5.7
Number of Reviews
11
Ranking in other categories
Vulnerability Management (30th), Cloud Workload Protection Platforms (CWPP) (13th), Cloud Security Posture Management (CSPM) (16th), Cloud-Native Application Protection Platforms (CNAPP) (12th), Data Security Posture Management (DSPM) (11th), Software Supply Chain Security (8th), Cloud Infrastructure Entitlement Management (CIEM) (7th), Cloud Detection and Response (CDR) (5th)
ArmorCode
Ranking in Application Security Posture Management (ASPM)
12th
Average Rating
8.0
Reviews Sentiment
2.2
Number of Reviews
1
Ranking in other categories
Application Security Tools (29th), DevSecOps (15th), Risk-Based Vulnerability Management (18th)
Snyk
Ranking in Application Security Posture Management (ASPM)
2nd
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (7th), Static Application Security Testing (SAST) (5th), GRC (6th), Cloud Management (14th), Vulnerability Management (21st), Container Security (7th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (3rd), AI Security (10th)
 

Featured Reviews

SJ
Technical Solutions Architect at IBM
Cloud security has improved as AI-driven runtime protection detects threats and reduces incidents
In my opinion, Cortex Cloud by Palo Alto Networks could be improved or enhanced in various ways. I don't have an idea about that yet because for that you actually need to use two or three different other tools to make a basic comparison. If you ask me how good the tool is, I would fairly rate it quite high. The tool is very popular, and customers can already see that it is one of the cloud leaders in the security space. The platform had a very good feature which provides documentation links about how to use a specific feature on the UI. It takes you to the proper documentation page where it suggests what to do and tells you about the steps that need to be done for a resource deployment. My thoughts about improving the product which I believe could greatly aid vendors is that it used to be a very user-friendly tool, but now they have incorporated everything under one umbrella. It has XDR, XSOAR, and Cortex Cloud by Palo Alto Networks. Before, we used to have separate modules and separate environments for each of these capabilities or features. Right now, it is a little complex and users would take their own time to know the tool better. This is something that would have been way better, but I would say there would be different opinions on this. Talking about user-friendliness, it has decreased now.
AmandeepSingh4 - PeerSpot reviewer
Engineer Technology at Iris Software Inc.
Centralized risk-based workflows have reduced alert fatigue and improve on-time secure delivery
ArmorCode is a strong ASPM platform that provides centralized visibility and risk-based prioritization, and there are several areas where it could be enhanced to improve the user experience and increase adoption across development teams. Improvements could include more AI-powered remediation guidance, improved developer experience, enhanced predictive risk analysis, strong cloud-native visibility such as Kubernetes, custom reporting, and dashboards including custom risk scorecards, team-specific dashboards, and faster onboarding and setup of new security tools. Improvements could also include pre-built integration, automation, automated connector setup, guided onboarding, and better risk connection that assesses criticality, business impact, data sensitivity, and internet exposure. The most important improvements needed are strong cloud-native visibility, enhanced predictive risk analysis, adding AI-powered remediation guidance, and an improved developer experience. Predictive risk analysis is one area that needs enhancement. While ArmorCode is already excellent at centralizing security findings and prioritizing risk, these improvements could further reduce remediation time and make the platform even more valuable for both security and development teams. Enhancing AI-powered remediation guidance would improve developer experience. For AI-powered remediation guidance, instead of only identifying vulnerabilities, ArmorCode could provide detailed fix recommendations, secure code examples, root cause analysis, and automated remediation suggestions.
Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex Cloud by Palo Alto Networks has impacted our organization positively by keeping our machines secure and our team using the dashboard to find issues quickly."
"Previously with Cortex Cloud by Palo Alto Networks, I deployed this product for one of my customers, and after three to four months, they said that previously they had around four hours of MTTR, and now it has reduced to just 15 to 20 minutes."
"Cortex Cloud by Palo Alto Networks' cloud runtime security in terms of stopping attacks in real time is impressive."
"Overall, Cortex Cloud by Palo Alto Networks is a technically strong product, and I rate it ten out of ten."
"The most valuable features I have found in Cortex Cloud by Palo Alto Networks are those that we provided to customers in a stock environment, as we have done some POCs and tried to check how it can help different organizations, and this same solution has been positioned for multiple customers."
"From a technical standpoint or pricing, Cortex Cloud by Palo Alto Networks is a stronger solution in the market at the moment compared to other products from ConnectWise or Symantec."
"The AI and automation features in detecting and responding to high-risk threats are impressive; it's one of the best tools regarding AI technology and unifies security in one platform in real-time, improving vulnerability analysis, incident response, and compliance reporting."
"I have absolutely seen improvements in our incident close rates, with mean time to detect and respond reduced significantly, sometimes by at least forty to fifty percent."
"ArmorCode is very effective software that reduces human effort and saves time, has a huge impact on the company's revenue and profit, and we deliver everything on time to the client because of ArmorCode."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"Our customers find container scans most valuable. They are always talking about it."
"The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"Fugue provides core capabilities that enable visualization, discovery, and compliance automation."
"Snyk performs software composition analysis (SCA) similar to other expensive tools."
 

Cons

"The negative aspects or areas for improvement in the product include the fact that the cost might be a bit high, which challenges commercials, but not technically."
"My thoughts about improving the product which I believe could greatly aid vendors is that it used to be a very user-friendly tool, but now they have incorporated everything under one umbrella."
"Cortex Cloud by Palo Alto Networks is not the cheapest solution in the market, but I know that is the best solution for SOC and Cloud once have all tools to connect cloud issues with SOC procedures, because we are partners with T-Systems."
"Cortex Cloud by Palo Alto Networks is creating some confusion in terms of names because this is recent."
"From the commercial perspective, we have some limitations because Palo Alto has a minimum number of users of endpoints set at 200, which is quite high for the Italian market."
"Some aspects of the GUI can be confusing and make it difficult for me to find certain options or navigate where needed."
"In my opinion, Cortex Cloud by Palo Alto Networks can be improved by addressing forensic information collection and storage, although I cannot suggest specific things right now, based on what customers might need."
"The pricing is high, making ROI challenging to justify, especially during transitions between solutions."
"Improvements could include more AI-powered remediation guidance, improved developer experience, enhanced predictive risk analysis, strong cloud-native visibility such as Kubernetes, custom reporting, and dashboards including custom risk scorecards, team-specific dashboards, and faster onboarding and setup of new security tools."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"Could include other types of security scanning and statistical analysis"
"Compatibility with other products would be great."
"Although Snyk is strong, sometimes it flags vulnerabilities that are not reachable, not exploitable, and not relevant to a project."
"Then there's the issue of their support. It's not very good, to be honest, and it hasn't been the best experience to deal with them."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message."
 

Pricing and Cost Advice

Information not available
Information not available
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"The product's price is okay."
"It is pretty expensive. It is not a cheap product."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"The solution is less expensive than Black Duck."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing a three. It is a cheap solution."
"Snyk is an expensive solution."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
904,146 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Construction Company
11%
Financial Services Firm
8%
Outsourcing Company
7%
Outsourcing Company
14%
Financial Services Firm
13%
Construction Company
8%
Computer Software Company
7%
Financial Services Firm
14%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise1
Large Enterprise4
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise10
Large Enterprise23
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex Cloud by Palo Alto Networks?
I am not fully aware of the pricing and licensing of Cortex Cloud by Palo Alto Networks. The pricing is also based on...
What needs improvement with Cortex Cloud by Palo Alto Networks?
In my opinion, Cortex Cloud by Palo Alto Networks could be improved or enhanced in various ways. I don't have an idea...
What is your primary use case for Cortex Cloud by Palo Alto Networks?
The usual use cases for Cortex Cloud by Palo Alto Networks that I have been working with mostly are as simple as dete...
What needs improvement with ArmorCode?
ArmorCode is a strong ASPM platform that provides centralized visibility and risk-based prioritization, and there are...
What is your primary use case for ArmorCode?
ArmorCode is used for eliminating duplicate vulnerabilities and consolidating findings from multiple tools, prioritiz...
What advice do you have for others considering ArmorCode?
ArmorCode supports tracking and reporting for PCI DSS, SOC 2, ISO 27001, and HIPAA for compliance and governance purp...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false posi...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the applica...
 

Also Known As

No data available
ArmorCode AppSecOps Platform
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

Information Not Available
Shutterfly, S&P Global, Snap Finance, Snapdocs, and The Access Group
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Application Security Tools. Updated: June 2026.
904,146 professionals have used our research since 2012.