No more typing reviews! Try our Samantha, our new voice AI agent.

SAS Enterprise GRC vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SAS Enterprise GRC
Ranking in GRC
29th
Average Rating
10.0
Reviews Sentiment
5.9
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Snyk
Ranking in GRC
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (7th), Static Application Security Testing (SAST) (5th), Cloud Management (14th), Vulnerability Management (21st), Container Security (7th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (3rd), Application Security Posture Management (ASPM) (2nd), AI Security (10th)
 

Mindshare comparison

As of July 2026, in the GRC category, the mindshare of SAS Enterprise GRC is 1.1%, down from 1.4% compared to the previous year. The mindshare of Snyk is 1.6%, down from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
GRC Mindshare Distribution
ProductMindshare (%)
Snyk1.6%
SAS Enterprise GRC1.1%
Other97.3%
GRC
 

Featured Reviews

it_user77958 - PeerSpot reviewer
Architect at a tech services company with 51-200 employees
We've improved our data management & human resource skills. Needs to work more on its presentation layer for users.
Follow the suggested implementation approach and it will be a smooth sailing. The core issue in any business analytics and business intelligence solutions is always data quality, deployment architecture and skilled human resource. Ensure that you have deliberated on these in detail and there will be no issues or hiccups during implementation
Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have been able to improve our data management, human resource skills and productivity, management reporting, and subsequently data mining for other business operations."
"Static code analysis is one of the best features of the solution."
"Snyk is a good tool that provides equivalent security standards compared to other expensive tools."
"Fugue provides core capabilities that enable visualization, discovery, and compliance automation."
"The customization is excellent."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The most valuable feature of Snyk is the software composition analysis."
"We went from 15 vulnerabilities in it to four or five, and those four or five were un-upgradable and we were not affected by them."
 

Cons

"Customer Service: That is the only area where SAS needs to look into. It was just satisfactory."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"Although Snyk is strong, sometimes it flags vulnerabilities that are not reachable, not exploitable, and not relevant to a project."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app."
"You need to go to the tool, export it as a CSV, and then find it, which is ridiculous."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
 

Pricing and Cost Advice

Information not available
"Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
"The solution is less expensive than Black Duck."
"We are using the open-source version for the scans."
"The product's price is okay."
"Snyk is an expensive solution."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing a three. It is a cheap solution."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"It is pretty expensive. It is not a cheap product."
report
Use our free recommendation engine to learn which GRC solutions are best for your needs.
903,147 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
13%
Manufacturing Company
11%
Computer Software Company
10%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise10
Large Enterprise23
 

Questions from the Community

Ask a question
Earn 20 points
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the application. It integrates with Jenkins ( /products/jenkins-reviews ).
 

Comparisons

 

Also Known As

No data available
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

Belgium Special Tax, New Zealand Ministry of Health, New Zealand Ministry of Social Development North Carolina Marine Fisheries, Texas Parks and Wildlife Department, Town of Cary Western Australia Police
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about RSA, Diligent, MetricStream and others in GRC. Updated: June 2026.
903,147 professionals have used our research since 2012.