Try our new research platform with insights from 80,000+ expert users

GitHub Advanced Security vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 16, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub Advanced Security
Ranking in Application Security Tools
11th
Average Rating
8.6
Reviews Sentiment
7.6
Number of Reviews
9
Ranking in other categories
No ranking in other categories
Snyk
Ranking in Application Security Tools
4th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
45
Ranking in other categories
Container Security (8th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitHub Advanced Security is 8.6%, up from 2.8% compared to the previous year. The mindshare of Snyk is 8.0%, up from 8.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Sabna Sainudeen - PeerSpot reviewer
Seamlessly integrates into developer environment for streamlined code scanning
GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner. There are features in GitHub Advanced Security that cannot be used within Microsoft, which is strange since they are the same company. It should also focus on developing a software bill of materials (SBOM) to see all open software used in one place.
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Dependency scanning is a valuable feature."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"GitHub Advanced Security is a very developer-friendly solution that is integrated within my development environment."
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"I have not experienced any performance or stability issues with GitHub Advanced Security."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"Static code analysis is one of the best features of the solution."
"The most valuable feature of Snyk is the SBOM."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"The valuable aspect is its security capabilities."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
 

Cons

"For GitHub Advanced Security, I would like to see more support for various programming languages."
"Open-source security vulnerabilities are not getting updated in a timely manner."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
"Maybe make it compatible with more programming languages. Have a customized ruleset where the end-user can create their own rules for scanning."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"The report limitations are the main issue."
"GitHub Advanced Security should look into API security issues, which they currently do not. Additionally, open-source security vulnerabilities are not getting updated in a timely manner."
"There are a lot of false positives that need to be identified and separated."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
"The product is very expensive."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"Basically the licensing costs are a little bit expensive."
"We had some issues integrating into our pipeline, however, they were resolved."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
 

Pricing and Cost Advice

"The solution is expensive."
"The current licensing model, which relies on active commitments, poses challenges, particularly in predicting and managing growth."
"We are using the open-source version for the scans."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing a three. It is a cheap solution."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"The pricing is acceptable, especially for enterprises. I don't think it's too much of a concern for our customers. Something like $99 per user is reasonable when the stakes are high."
"It is pretty expensive. It is not a cheap product."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
8%
Government
7%
Financial Services Firm
16%
Computer Software Company
15%
Manufacturing Company
10%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub Advanced Security?
It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part.
What needs improvement with GitHub Advanced Security?
For GitHub Advanced Security, I would like to see more support for various programming languages. Additionally, it would be beneficial to have more control at an organizational level rather than ha...
What is your primary use case for GitHub Advanced Security?
I use GitHub Advanced Security ( /products/github-advanced-security-reviews ) at my workplace to scan for code vulnerabilities and secrets in our software development workflow. It is used across mu...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Overview

 

Sample Customers

Information Not Available
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about GitHub Advanced Security vs. Snyk and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.