Try our new research platform with insights from 80,000+ expert users

Snyk vs Virsec Security Platform comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Snyk
Ranking in Application Security Tools
4th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
43
Ranking in other categories
Container Security (7th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (1st)
Virsec Security Platform
Ranking in Application Security Tools
36th
Average Rating
7.0
Number of Reviews
1
Ranking in other categories
Endpoint Detection and Response (EDR) (56th), Cloud Workload Protection Platforms (CWPP) (27th)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Snyk is 7.6%, down from 8.5% compared to the previous year. The mindshare of Virsec Security Platform is 0.1%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Jayashree Acharyya - PeerSpot reviewer
Mar 4, 2024
Used for image scanning and identifying vulnerabilities, but its integration with other services could be improved
The solution has improved or streamlined our process a lot for securing container images. We wanted to make sure we are deploying the secure Docker images. Snyk allowed us to check whether it is following our standard of docker images or not. We use Azure DevOps as our platform, and Snyk's integration with Azure DevOps was okay. However, Snyk's integration with JFrog Artifactory didn't go well. We use JFrog Artifactory to store the artifacts we download. We wanted to integrate Snyk with JFrog Artifactory to scan the binary artifacts we downloaded, but that broke our JFrog Artifactory for some reason. Instead of using it there, we are calling it directly from the pipeline. Snyk's automation features significantly reduced remediation times a couple of times. Sometimes, our developers scan the code from the environment and find some Java vulnerabilities. We fixed those vulnerabilities in the lower environment itself. The solution does not require any maintenance. The accuracy of Snyk's vulnerability detection is pretty good compared to other tools. I rate the solution's vulnerability detection feature an eight out of ten. I would recommend Snyk to other users because it is easy to implement and integrate with Azure DevOps and GitHub. Overall, I rate the solution a seven out of ten.
KevinMcCarthy - PeerSpot reviewer
Jun 29, 2023
Helps with Zero-day protection
We use the solution for Zero-day protection.  The solution stops any kind of remote code execution.  The tool's dashboard needs to load since it is not responsive and takes time to load.  I have been using the product for a year.  I would rate the tool's stability a six out of ten.  I would…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Static code analysis is one of the best features of the solution."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"Our customers find container scans most valuable. They are always talking about it."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"The most valuable feature of Snyk is the software composition analysis."
"Snyk is a good and scalable tool."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"We use the solution for Zero-day protection."
 

Cons

"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"I use Snyk alongside Sonar, and Snyk tends to generate a lot of false positives. Improving the overall report quality and reducing false positives would be beneficial. I don't need additional features; just improving the existing ones would be enough."
"Generating reports and visibility through reports are definitely things they can do better."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"The feature for automatic fixing of security breaches could be improved."
"The tool's dashboard needs to load since it is not responsive and takes time to load."
 

Pricing and Cost Advice

"With Snyk, you get what you pay for. It is not a cheap solution, but you get a comprehensiveness and level of coverage that is very good. The dollars in the security budget only go so far. If I can maximize my value and be able to have some funds left over for other initiatives, I want to do that. That is what drives me to continue to say, "What's out there in the market? Snyk's expensive, but it's good. Is there something as good, but more affordable?" Ultimately, I find we could go cheaper, but we would lose the completeness of vision or scope. I am not willing to do that because Snyk does provide a pretty important benefit for us."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
"I would rate the pricing of Snyk at two. I'm currently using the free version, which the company offers before buying the full version. So, the price is affordable, especially for an enterprise."
"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"The pricing is reasonable."
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"Presently, my company uses an open-source version of the solution. The solution's pricing can be considered quite reasonable owing to the features they offer."
"I would rate the solution's pricing an eight out of ten."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,572 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
15%
Manufacturing Company
9%
Insurance Company
7%
Healthcare Company
33%
Financial Services Firm
12%
Manufacturing Company
10%
Retailer
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
I'm not responsible for the tool. As far as I know, there are no major concerns or features that we lack. We had some issues integrating into our pipeline, however, they were resolved.
Contrast Security Assess vs Virsec Security Platform: What are the advantages and disadvantages of each?
Hi Julia - I've been with Virsec as the Sr. Director, Product Marketing for the last three quarters and I have never seen a competitive opportunity arise versus Contrast. Perhaps the confusion lies...
What do you like most about Virsec Security Platform?
We use the solution for Zero-day protection.
 

Also Known As

No data available
Virsec
 

Overview

 

Sample Customers

StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Broadcom, Allstate, Department of Homeland Security
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: October 2024.
814,572 professionals have used our research since 2012.