Try our new research platform with insights from 80,000+ expert users

Contrast Security Protect vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

Contrast Security Protect
Ranking in Application Security Tools
32nd
Average Rating
8.4
Number of Reviews
3
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Application Security Tools
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
43
Ranking in other categories
Container Security (7th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Contrast Security Protect is 0.5%, up from 0.4% compared to the previous year. The mindshare of Snyk is 7.6%, down from 8.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

ToddMcAlister - PeerSpot reviewer
Aug 1, 2022
It provides us with more in-depth visibility into ongoing attacks.
Our use case is normal support on top of the WAF for protecting our environment. We have it on the development side and the production side. We're not using it much anymore because we had some performance issues Protect provides us with more in-depth visibility into ongoing attacks.  Protect's…
Jayashree Acharyya - PeerSpot reviewer
Mar 4, 2024
Used for image scanning and identifying vulnerabilities, but its integration with other services could be improved
The solution has improved or streamlined our process a lot for securing container images. We wanted to make sure we are deploying the secure Docker images. Snyk allowed us to check whether it is following our standard of docker images or not. We use Azure DevOps as our platform, and Snyk's integration with Azure DevOps was okay. However, Snyk's integration with JFrog Artifactory didn't go well. We use JFrog Artifactory to store the artifacts we download. We wanted to integrate Snyk with JFrog Artifactory to scan the binary artifacts we downloaded, but that broke our JFrog Artifactory for some reason. Instead of using it there, we are calling it directly from the pipeline. Snyk's automation features significantly reduced remediation times a couple of times. Sometimes, our developers scan the code from the environment and find some Java vulnerabilities. We fixed those vulnerabilities in the lower environment itself. The solution does not require any maintenance. The accuracy of Snyk's vulnerability detection is pretty good compared to other tools. I rate the solution's vulnerability detection feature an eight out of ten. I would recommend Snyk to other users because it is easy to implement and integrate with Azure DevOps and GitHub. Overall, I rate the solution a seven out of ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution has excellent real-time capabilities."
"The product gives a few false positives. We get 99 percent true positives."
"Protect provides us with more in-depth visibility into ongoing attacks."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"The most valuable feature of Snyk is the SBOM."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"The most valuable feature of Snyk is the software composition analysis."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"Static code analysis is one of the best features of the solution."
 

Cons

"Protect's reporting GUI is very basic. To get all statuses from the APIs, we needed to write our own KPI dashboard to provide reports."
"There's room for improvement in the initial setup."
"Contrast Security Protect needs to improve integration."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
"The feature for automatic fixing of security breaches could be improved."
"Could include other types of security scanning and statistical analysis"
"The solution's integration with JFrog Artifactory could be improved."
"The tool's initial use is complex."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
 

Pricing and Cost Advice

Information not available
"The pricing is acceptable, especially for enterprises. I don't think it's too much of a concern for our customers. Something like $99 per user is reasonable when the stakes are high."
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."
"The solution is less expensive than Black Duck."
"The product has good pricing."
"The pricing is reasonable."
"It is pretty expensive. It is not a cheap product."
"Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
815,690 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
25%
Computer Software Company
19%
Manufacturing Company
13%
Insurance Company
8%
Financial Services Firm
15%
Computer Software Company
15%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Contrast Security Protect?
The product gives a few false positives. We get 99 percent true positives.
What needs improvement with Contrast Security Protect?
Contrast Security Protect needs to improve integration.
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
I'm not responsible for the tool. As far as I know, there are no major concerns or features that we lack. We had some issues integrating into our pipeline, however, they were resolved.
 

Also Known As

Contrast Protect
No data available
 

Overview

 

Sample Customers

Williams-Sonoma, Autodesk, HUAWEI, Chromeriver, RingCentral, Demandware.
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Contrast Security Protect vs. Snyk and other solutions. Updated: October 2024.
815,690 professionals have used our research since 2012.