Try our new research platform with insights from 80,000+ expert users

GitHub vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub
Ranking in Application Security Tools
6th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
93
Ranking in other categories
Version Control (3rd)
Snyk
Ranking in Application Security Tools
4th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
45
Ranking in other categories
Container Security (8th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitHub is 0.8%, down from 1.1% compared to the previous year. The mindshare of Snyk is 8.0%, up from 8.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Pervez Roy - PeerSpot reviewer
Very good for collaboration on software projects
We use GitHub for code repository alongside Bitbucket GitHub is very good for collaboration on software projects. We prefer Bitbucket for commercial use, while GitHub is used for open source. You can get the differences, history of changes, and version control for various pull requests. You can…
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"With GitHub, we can manage our development progress, CID, and continuous integration. It helps streamline our development processes effectively."
"The versioning of the code and the tracking of changes are definitely some of my top features."
"The most important feature of GitHub is the maintainability of the versions of the code."
"GitHub's version control is valuable."
"GitHub has improved the productivity of my team by simplifying code merging and enabling effective branching strategies."
"The ease of use is valuable."
"The ease of the planning board feature in GitHub is very valuable."
"You can write the code with AI. But when it comes to implementation, you must upgrade the bits of code that will support this and generate solutions based on that architecture. Then, you need comparable code bits. Therefore, AI can propose how much a specific function can be better optimized. So, AI can help stakeholders reach tasks quicker."
"What is valuable about Snyk is its simplicity."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"It is one of the best product out there to help developers find and fix vulnerabilities quickly. When we talk about the third-party software vulnerability piece and potentially security issues, it takes the load off the user or developer. They even provide automitigation strategies and an auto-fix feature, which seem to have been adopted pretty well."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"Our customers find container scans most valuable. They are always talking about it."
"The most valuable feature of Snyk is the SBOM."
"The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point."
"Static code analysis is one of the best features of the solution."
 

Cons

"The ticketing system is not working."
"There is room for improvement in terms of interface."
"GitHub should provide more integration in their next release, including integrating with Jenkins, CI/CD and Jira."
"The documentation needs to be more concise and easier for developers to understand."
"I would want to see some form of code security scanning implemented."
"GitHub uses basic configuration, but messaging is not clear."
"Our firewall was blocking cloning and downloading with SSH."
"We face issues with synchronization while working with teams."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"Could include other types of security scanning and statistical analysis"
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
 

Pricing and Cost Advice

"My company purchased it. Before, we used to receive the free version, but then they purchased some of the features."
"It's cheaper than Bitbucket."
"The product is reasonably priced."
"I think, in terms of price, GitHub is okay compared to other tools."
"Regarding pricing, I'd rate it eight out of ten. It's decent and not too expensive, and small businesses can also afford it. With AWS taking CodeCommit out of the market, I don't see many competitors for small companies in terms of GitHub."
"I use the free version of GitHub."
"If there are only 10 people using a particular repository, then GitHub is free. But if we increase the number of users, we need to pay the normal charge for GitHub."
"I use the free version of the tool."
"The product has good pricing."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"The price of the solution is expensive compared to other solutions."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"The pricing is reasonable."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
12%
Computer Software Company
11%
University
6%
Financial Services Firm
16%
Computer Software Company
15%
Manufacturing Company
10%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
The pricing of GitHub depends on the choice of solutions, such as building one's own GitHub Runners to save money or using GitHub's Runners with extra costs. The pricing is considered reasonable an...
What needs improvement with GitHub?
There are still areas for improvement with GitHub Actions and their deployment workflows, as they have made significant progress but are not yet polished. Occasionally, stability can be an issue, t...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR. It lacks the ability to select branches on its Web UI, forcing users to rely on CLI or CI/CD for...
 

Comparisons

 

Overview

 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about GitHub vs. Snyk and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.