Snyk vs Tenable Vulnerability Management comparison

The compared Snyk and Tenable solutions aren't in the same category. Snyk is ranked #4 in AS , with an average rating of 7.9, and holds a 7.6% mindshare in the category. Tenable is ranked #5 in VM , with an average rating of 8.2, and holds a 8.5% mindshare. Additionally, 100% of Snyk users are willing to recommend the solution, compared to 94% of Tenable users who would recommend it.

Snyk

Read 44 Snyk reviews

13,724 Views
10,048 Comparison Views

100% willing to recommend

Tenable Vulnerability Manag...

Read 40 Tenable Vulnerability Management reviews

9,851 Views
7,588 Comparison Views

94% willing to recommend

Snyk

Tenable Vulnerability Manag...

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Snyk and Tenable Vulnerability Management based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.

To learn more, read our detailed Application Security Tools Report (Updated: December 2024).

Buyer's Guide

Application Security Tools

December 2024

Download the complete report

Helped 824,053 peers since 2012

Categories and Ranking

Snyk

Average Rating

8.2

Reviews Sentiment

7.3

Number of Reviews

Ranking in other categories

Application Security Tools (4th), Container Security (7th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)

Tenable Vulnerability Manag...

Average Rating

8.2

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Vulnerability Management (5th), Risk-Based Vulnerability Management (2nd)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Snyk is designed for Application Security Tools and holds a mindshare of 7.6%, down 8.2% compared to last year.
Tenable Vulnerability Management, on the other hand, focuses on Vulnerability Management, holds 8.5% mindshare, down 10.9% since last year.

Application Security Tools

Vulnerability Management

Featured Reviews

Jayashree Acharyya

Director at PepsiCo

Used for image scanning and identifying vulnerabilities, but its integration with other services could be improved

The solution has improved or streamlined our process a lot for securing container images. We wanted to make sure we are deploying the secure Docker images. Snyk allowed us to check whether it is following our standard of docker images or not. We use Azure DevOps as our platform, and Snyk's integration with Azure DevOps was okay. However, Snyk's integration with JFrog Artifactory didn't go well. We use JFrog Artifactory to store the artifacts we download. We wanted to integrate Snyk with JFrog Artifactory to scan the binary artifacts we downloaded, but that broke our JFrog Artifactory for some reason. Instead of using it there, we are calling it directly from the pipeline. Snyk's automation features significantly reduced remediation times a couple of times. Sometimes, our developers scan the code from the environment and find some Java vulnerabilities. We fixed those vulnerabilities in the lower environment itself. The solution does not require any maintenance. The accuracy of Snyk's vulnerability detection is pretty good compared to other tools. I rate the solution's vulnerability detection feature an eight out of ten. I would recommend Snyk to other users because it is easy to implement and integrate with Azure DevOps and GitHub. Overall, I rate the solution a seven out of ten.

Read full review

Yogeswaran Neelagandan

Key Account Manager at Uniware

Offers risk prioritization , notification system but support should be bundled with the product cost

It's a fantastic product, but there are some things to consider. One is the price. Compared to on-prem solutions, the SaaS model can be expensive. Price is definitely a concern and needs improvement, especially for the Indian market. While it's a fantastic product, it should be more accessible to small and medium-sized businesses (SMBs). Currently, only larger enterprises seem to be able to afford and evaluate it thoroughly. So, pricing can be improved and be more affordable for the Indian market, specifically for SMBs. Another area of improvement is customer service and support. Tenable needs to include support in the pricing/license. Currently, they push clients to get support from partners or channel distributors, who often charge a lot. Even for a simple one-time setup, they may charge three to four lakhs, and then additional annual charges for ongoing support. We have the technical skills to handle basic tasks, but relying on Tenable itself often results in just receiving emails or being redirected back to channel partners. So, support should be bundled with the product cost.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature of Snyk is the SBOM."

"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."

"Snyk performs software composition analysis (SCA) similar to other expensive tools."

"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."

"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."

"Snyk's focus on security is a valuable feature. Also Snyk supports multiple programming languages, which has positively affected my security practices. I use only two or three languages, and when I change the language in a file, it detects it in the same suite. I find the AI-powered scanning overall beneficial.Using Snyk's AI-powered scanning, I can detect around ten or twenty errors in my project with about twenty thousand lines of code, so it helps improve my project by identifying a lot of potential vulnerabilities."

"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."

"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."

More Snyk pros

"The solution creates vulnerability tickets within the VM profile but should also include them under the Remediation tab so the fixes can be viewed in the ticketing queue."

"The initial setup is very straightforward."

"The solution can integrate with third parties and meets standard compliance."

"The initial setup is straightforward so long as your infrastructure, components, and networks are in place."

"The tool has an easy-to-use interface."

"It is quite straightforward to set up."

"You can customize each point in new scans."

"The ease of use in terms of scanning assets is valuable."

More Tenable Vulnerability Management pros

Cons

"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."

"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."

"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."

"Snyk's API and UI features could work better in terms of speed."

"I use Snyk alongside Sonar, and Snyk tends to generate a lot of false positives. Improving the overall report quality and reducing false positives would be beneficial. I don't need additional features; just improving the existing ones would be enough."

"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."

"Generating reports and visibility through reports are definitely things they can do better."

"Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR."

More Snyk cons

"The price could be lower."

"The solution’s pricing could be improved."

"The product is a bit expensive."

"t needs additional reporting and intelligence features, as well as enhancements in AI-driven detection, which is still in its early stages."

"The only drawback of the solution is that it is expensive."

"I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."

"It's not a user-friendly tool since it has a complicated interface."

"The reporting was never great in Tenable Vulnerability Management, so, in my company, we imported all the data into Ivanti RiskSense to start using it for reporting."

More Tenable Vulnerability Management cons

Pricing and Cost Advice

"We are using the open-source version for the scans."

"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."

"The solution is less expensive than Black Duck."

"With Snyk, you get what you pay for. It is not a cheap solution, but you get a comprehensiveness and level of coverage that is very good. The dollars in the security budget only go so far. If I can maximize my value and be able to have some funds left over for other initiatives, I want to do that. That is what drives me to continue to say, "What's out there in the market? Snyk's expensive, but it's good. Is there something as good, but more affordable?" Ultimately, I find we could go cheaper, but we would lose the completeness of vision or scope. I am not willing to do that because Snyk does provide a pretty important benefit for us."

"Snyk is an expensive solution."

"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."

"I didn't think the price was that great, but it wasn't that bad, either. I'd rate their pricing as average in the market."

"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."

More Snyk pricing and cost advice

"Compared to other VM solutions, Tenable.io Vulnerability Management is expensive."

"The product costs us around $137,000 annually for 4000 to 5000 assets."

"The cost is determined by the number of endpoints, which is approximately one dollar per endpoint."

"On a scale of one to ten, where one is low, and ten is high price, I rate the pricing an eight. So, it is a pretty expensive solution."

"Tenable.io Vulnerability Management's pricing solution model isn't great."

"A yearly payment has to be made toward the solution's licensing costs."

"The solution is not too expensive."

"Yearly payments are to be made toward the licensing cost of the product. It is neither a cheap nor an expensive product."

More Tenable Vulnerability Management pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

824,053 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

15%

Manufacturing Company

Insurance Company

Educational Organization

31%

Computer Software Company

11%

Financial Services Firm

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

How does Snyk compare with SonarQube?

Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...

See all answers

What do you like most about Snyk?

The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.

See all answers

What needs improvement with Snyk?

Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR. It lacks the ability to select branches on its Web UI, forcing users to rely on CLI or CI/CD for...

See all answers

What's the difference between Tenable Nessus and Tenable.io Vulnerability Management?

Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation t...

See all answers

What do you like most about Tenable.io Vulnerability Management?

The tool has an easy-to-use interface.

See all answers

What needs improvement with Tenable.io Vulnerability Management?

It needs additional reporting and intelligence features, as well as enhancements in AI-driven detection, which is still in its early stages.

See all answers

Comparisons

GitHub Advanced Security vs Snyk

Compared 13% of the time

SonarQube Server (formerly SonarQube) vs Snyk

Compared 11% of the time

Black Duck vs Snyk

Compared 10% of the time

Wiz vs Snyk

Compared 7% of the time

Fortify Static Code Analyzer vs Snyk

Compared 6% of the time

More Snyk Competitors

Tenable Security Center vs Tenable Vulnerability Management

Compared 27% of the time

Tenable Nessus vs Tenable Vulnerability Management

Compared 22% of the time

Amazon Inspector vs Tenable Vulnerability Management

Compared 9% of the time

Qualys VMDR vs Tenable Vulnerability Management

Compared 8% of the time

Rapid7 InsightVM vs Tenable Vulnerability Management

Compared 4% of the time

More Tenable Vulnerability Management Competitors

Product Reports

Buyer's Guide

Snyk

November 2024

Download Snyk product report

Buyer's Guide

Tenable Vulnerability Management

November 2024

Download Tenable Vulnerability Management product report

Also Known As

No data available

Tenable.io

Learn More

Snyk

Tenable

Overview

Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.

Benefits of Snyk

Some of the benefits of using Snyk include:

Conserves resources: Snyk easily integrates with other security solutions and uses their security features to ensure that the work that users are doing is completely secure. These integrations allow them to protect themselves without pulling resources from their continued integration or continued delivery workflows. Resources can be conserved for areas of the greatest need.

Highly flexible: Snyk enables users to customize the system’s security automation features to meet their needs. Users can guarantee that the automation performs the functions that are most essential for their current project. Additionally, users are able to maintain platform governance consistency across their system.

Keeps users ahead of emerging threats. Snyk employs a database of threats that help it detect and keep track of potential issues. This database is constantly being updated to reflect the changes that take place in the realm of cybersecurity. It also uses machine learning. Users are prepared to deal with new issues as they arise.

Automatically scans projects for threats. Snyk’s command-line interface enables users to schedule the solution to run automatic scans of their projects. Time and manpower can be conserved for the areas of greatest need without sacrificing security.

Reviews from Real Users

Snyk is a security platform for developers that stands out among its competitors for a number of reasons. Two major ones are its ability to integrate with other security solutions and important insights that it can enable users to discover. Snyk enables users to combine its already existing security features with those of other solutions to create far more robust and flexible layers of security than what it can supply on its own. It gives users the ability to dig into the security issues that they may experience. Users are given a clear view of the root causes of these problems. This equips them to address the problem and prevent similar issues in the future.

Cameron G., a security software engineer at a tech company, writes, “The most valuable features are their GitLab and JIRA integrations.The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.”

Sean M., the chief information security officer of a technology vendor, writes, "From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

Managed in the cloud and powered by Tenable Nessus, Tenable Vulnerability Management (formerly Tenable.io) provides the industry's most comprehensive vulnerability coverage with real-time continuous assessment of your organization. Built-in prioritization, threat intelligence and real-time insight help you understand your exposures and proactively prioritize remediations.

Sample Customers

StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief

Global Payments AU/NZ

Buyer's Guide

Application Security Tools

December 2024

Download Free Report

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: December 2024.

DOWNLOAD NOW

824,053 professionals have used our research since 2012.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.