Try our new research platform with insights from 80,000+ expert users

GitHub vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub
Ranking in Application Security Tools
7th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
92
Ranking in other categories
Version Control (3rd)
Snyk
Ranking in Application Security Tools
4th
Average Rating
8.2
Reviews Sentiment
7.4
Number of Reviews
44
Ranking in other categories
Container Security (7th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)
 

Mindshare comparison

As of February 2025, in the Application Security Tools category, the mindshare of GitHub is 0.8%, down from 1.1% compared to the previous year. The mindshare of Snyk is 8.0%, down from 8.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Pervez Roy - PeerSpot reviewer
Very good for collaboration on software projects
We use GitHub for code repository alongside Bitbucket GitHub is very good for collaboration on software projects. We prefer Bitbucket for commercial use, while GitHub is used for open source. You can get the differences, history of changes, and version control for various pull requests. You can…
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point. It is easy to consolidate Snyk across multiple entities within a large organization. Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are GitHub Actions for triggering workflows, GitHub Secrets for saving credentials without needing a third-party service, and the UI for identifying errors in the code when we commit."
"The features of GitHub are very nice and helpful for developers."
"The solution is scalable."
"I find GitHub's pull request strategies and GitHub Actions to be very valuable."
"GitHub is very straightforward. I really appreciate the versioning capabilities, ease of use, and the ability to host code."
"GitHub is the best tool for source repositories."
"We can make a private repository."
"GitHub provides good time reduction and this is what I value the most."
"The most valuable feature of Snyk is the SBOM."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"Our customers find container scans most valuable. They are always talking about it."
"Snyk's focus on security is a valuable feature. Also Snyk supports multiple programming languages, which has positively affected my security practices. I use only two or three languages, and when I change the language in a file, it detects it in the same suite. I find the AI-powered scanning overall beneficial.Using Snyk's AI-powered scanning, I can detect around ten or twenty errors in my project with about twenty thousand lines of code, so it helps improve my project by identifying a lot of potential vulnerabilities."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
 

Cons

"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"The solution needs some more controls for deleting code."
"If it had all of the end-to-end integration, then we probably wouldn't have any doubts about what we have installed. However, at this point, we're still trying to figure out how to use it end-to-end."
"GitHub could add some more security features."
"We want to incorporate management comments within GitHub, making it more like a product management tool. We haven't done that yet. Another change we're considering is migrating from GitHub to Azure DevOps, especially now that Microsoft has introduced it."
"As of now, if I would like to learn about GitHub or its features, I would have to look on YouTube. It would be nice if they were able to send out a newsletter with explanations of new features that they are offering and what features are available."
"The descriptions within Github could be more user-friendly to show the trees of Gitflow."
"GitHub could improve by being more user-friendly."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"Basically the licensing costs are a little bit expensive."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"Could include other types of security scanning and statistical analysis"
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR."
 

Pricing and Cost Advice

"The licensing model for GitHub is user-based. Whenever the new developer joins we have to get a new license and register their ID. The overall price of the solution is reasonable."
"I haven't had to pay anything for GitHub, I use the free version."
"We pay a licensing fee for GitHub, which could be cheaper."
"GitHub is an open-source product, but when using the free-to-use version, anyone can see the code we're working on."
"You don't have to pay for a license if you are using the free version."
"We pay a subscription-based yearly licensing fee for the solution."
"The basic licensing model is free, and if you need to have technical support and such things, then it does cost something. You only need to pay extra if you need technical support."
"If I consider the market standards, the product's price is pocket-friendly."
"Snyk is an expensive solution."
"It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"The pricing is reasonable."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"It is pretty expensive. It is not a cheap product."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
838,640 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
13%
Financial Services Firm
12%
Computer Software Company
12%
Government
7%
Financial Services Firm
16%
Computer Software Company
15%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
I'm not aware of the costs associated with GitHub. I simply appreciate its efficiency in managing code and collaborating with team members.
What needs improvement with GitHub?
I would like to see some AI functionality included in GitHub, similar to the features seen in GitLab, to enhance productivity. Additionally, offering limited free access to features like Copilot co...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR. It lacks the ability to select branches on its Web UI, forcing users to rely on CLI or CI/CD for...
 

Comparisons

 

Overview

 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about GitHub vs. Snyk and other solutions. Updated: January 2025.
838,640 professionals have used our research since 2012.