Try our new research platform with insights from 80,000+ expert users

GitHub Advanced Security vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 4, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub Advanced Security
Ranking in Application Security Tools
4th
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
10
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Application Security Tools
5th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
48
Ranking in other categories
Static Application Security Testing (SAST) (8th), Cloud Management (14th), Container Security (5th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (16th), DevSecOps (2nd), Application Security Posture Management (ASPM) (1st)
 

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of GitHub Advanced Security is 8.7%, up from 4.5% compared to the previous year. The mindshare of Snyk is 7.5%, down from 8.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Sabna Sainudeen - PeerSpot reviewer
Seamlessly integrates into developer environment for streamlined code scanning
GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner. There are features in GitHub Advanced Security that cannot be used within Microsoft, which is strange since they are the same company. It should also focus on developing a software bill of materials (SBOM) to see all open software used in one place.
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"GitHub Advanced Security is ten out of ten scalable."
"Dependency scanning is a valuable feature."
"GitHub Advanced Security uses artificial intelligence in the backend, specifically CodeQL, to analyze code and provide fewer but more reliable findings, so there are less false positives."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"The initial setup was straightforward and completed in a matter of minutes."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"GitHub Advanced Security is a very developer-friendly solution that is integrated within my development environment."
"Snyk is a developer-friendly product."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The most valuable feature of Snyk is the software composition analysis."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
 

Cons

"The report limitations are the main issue."
"For GitHub Advanced Security, I would like to see more support for various programming languages."
"Open-source security vulnerabilities are not getting updated in a timely manner."
"There could be DST features included in the product."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"The reporting feature might need improvement. While it integrates seamlessly with my workflow, it doesn't provide management with oversight, such as statistics and the number of vulnerabilities."
"The customizations are a little bit difficult."
"Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The tool's initial use is complex."
"The feature for automatic fixing of security breaches could be improved."
 

Pricing and Cost Advice

"The current licensing model, which relies on active commitments, poses challenges, particularly in predicting and managing growth."
"The solution is expensive."
"The pricing is acceptable, especially for enterprises. I don't think it's too much of a concern for our customers. Something like $99 per user is reasonable when the stakes are high."
"The price of the solution is expensive compared to other solutions."
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"I didn't think the price was that great, but it wasn't that bad, either. I'd rate their pricing as average in the market."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"The product's price is okay."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
863,776 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
12%
Manufacturing Company
8%
Government
7%
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub Advanced Security?
It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part.
What needs improvement with GitHub Advanced Security?
The reporting feature might need improvement. While it integrates seamlessly with my workflow, it doesn't provide management with oversight, such as statistics and the number of vulnerabilities. Ma...
What is your primary use case for GitHub Advanced Security?
I use GitHub Advanced Security for conducting source code security scanning for the software that I develop.
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Also Known As

No data available
Fugue
 

Overview

 

Sample Customers

Information Not Available
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about GitHub Advanced Security vs. Snyk and other solutions. Updated: July 2025.
863,776 professionals have used our research since 2012.