Try our new research platform with insights from 80,000+ expert users
Snyk Logo

Snyk Reviews

Vendor: Snyk
4.1 out of 5
Badge Ranked 1
486 followers
Start review

What is Snyk?

Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.

Get the Snyk Buyer's Guide and find out what your peers are saying about Snyk, SonarQube Server (formerly SonarQube), GitLab and more!
Snyk is the #1 ranked solution in top DevSecOps solutions, #2 ranked solution in top Software Development Analytics solutions, #3 ranked solution in top Software Composition Analysis (SCA) solutions, #4 ranked solution in application security solutions, and #5 ranked solution in Container Security Solutions. PeerSpot users give Snyk an average rating of 8.2 out of 10. Snyk is most commonly compared to SonarQube Server (formerly SonarQube): Snyk vs SonarQube Server (formerly SonarQube). Snyk is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 16% of all views.
Buyer's Guide
Snyk
February 2025
Get the report
Helped 841,605 peers since 2012

Featured Snyk reviews

Read more reviews

Snyk mindshare

Product category:
Application Security Tools
As of March 2025, the mindshare of Snyk in the Application Security Tools category stands at 8.0%, down from 8.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Application Security Tools

PeerAnalyst reports based on Snyk reviews

TypeTitleDate
CategoryApplication Security ToolsMar 14, 2025Download
ProductReviews, tips, and advice from real usersMar 14, 2025Download
ComparisonSnyk vs SonarQube Server (formerly SonarQube)Mar 14, 2025Download
ComparisonSnyk vs VeracodeMar 14, 2025Download
ComparisonSnyk vs Checkmarx OneMar 14, 2025Download
Suggested products
TitleRatingMindshareRecommending
SonarQube Server (formerly SonarQube)4.025.5%81%114 interviewsAdd to research
GitLab4.33.0%97%82 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Snyk offers ease of use, seamless integration, and a comprehensive vulnerability database. It excels in self-service, with integrations in IDEs, CI/CD pipelines, and tools like Slack and JIRA. Its container security feature empowers developers, while its automation and detailed reporting streamline issue management and prioritization. Users appreciate its Docker partnership, accurate dependency checks, and actionable advice. Snyk’s affordability and modular API further enhance its appeal.
  • "Snyk allows for scaling across large organizations, accommodating tens of thousands of applications and over 60,000 repositories, making it suitable for wide-scale deployment."
  • "The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point."
  • "The valuable aspect is its security capabilities."

Room for Improvement

Snyk needs improvement in several areas, including support for more languages and better integration with various tools and IDEs. Users experience difficulties with the UI's speed and reporting features. They also indicate a need for enhanced static and dynamic analysis capabilities. Notifications require customization options to avoid irrelevance due to high volumes. API functionality is limited in some tiers, and documentation sometimes lacks clarity. Real-time feedback and automatic fixing features could enhance its utility for developers.
  • "Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR."
  • "Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR."
  • "We had some issues integrating into our pipeline, however, they were resolved."

ROI

Snyk users experience a notable reduction in time spent identifying and fixing problems, enhancing developer productivity significantly. They discover previously unnoticed vulnerabilities and benefit from the tool's explanatory resources. Immediate value is often seen; however, quantifying financial savings is complex. Snyk acts as a preventive measure similar to insurance, essential for avoiding compliance issues. It helps in early bug detection, facilitating reduced costs during development stages, leading to high ROI potential for engaged teams.

Pricing

Enterprise users find Snyk's pricing to be reasonable and competitive compared to other solutions, though some consider it expensive for startups. The licensing model is straightforward, based on the number of committers, which may cause confusion with non-developers. Snyk offers value with its comprehensive coverage. Additional costs may arise for features like single sign-on. Despite varied perceptions, Snyk is considered a good value, offering flexibility and scalability without hidden costs. Pricing rates around $39 to $74 per user.
  • "I would rate the pricing of Snyk at two.I'm currently using the free version, which the company offers before buying the full version. So, the price is affordable, especially for an enterprise."
  • "The product's price is okay."
  • "Snyk is an expensive solution."

Popular Use Cases

Organizations utilize Snyk for vulnerability scanning of code dependencies and open-source libraries, ensuring security compliance and efficient management of licensing issues. They integrate Snyk into CI/CD pipelines for continuous monitoring, leveraging its capabilities for Docker image scanning, Kubernetes deployments, and infrastructure assessments. Snyk's integration with platforms like GitHub allows teams to promptly address vulnerabilities, enhancing overall security posture and enabling safe code development practices across diverse environments.

Service and Support

Snyk's customer service receives positive remarks. Users highlight quick, reliable, and responsive technical support. Communication channels like Slack and Zoom offer prompt assistance, often rating highly. Personalized support through customer success managers and direct communication with engineers boosts satisfaction. Though some mention room for improvements in response speed, particularly for urgent issues, overall feedback indicates strong customer relationship management, active engagement, and valuable resources aiding in resolving issues efficiently. Companies appreciate transparency and proactive outreach.

Deployment

Snyk's initial setup is often described as straightforward and easy to integrate with various systems, such as cloud platforms and code repositories. Many organizations experience quick and efficient deployment, typically taking hours to days, with robust documentation assisting the process. Some companies report minor challenges, particularly when customizing for specific environments. Developer adoption varies, often reliant on organization mandates. Generally, users appreciate the flexibility and simplicity of setup, helping early vulnerability detection in development cycles.

Scalability

Snyk efficiently scales for numerous users and applications, offering a fast scan process. Customers appreciate its ease of integration and widespread deployment. However, some note occasional slowness with extensive vulnerability requests. Minor user interface improvements could enhance scalability further. Many organizations successfully expand its use without issues, although certain users report a lag in adopting its full capabilities. Its SaaS platform supports enterprise-level scalability, making it versatile for both developers and security teams.

Stability

Snyk is largely considered stable, with most users reporting minimal instability. Occasional issues include insufficient documentation and minor version upgrade challenges. Bugs and reporting lags are rare, and customer support is responsive. The platform's flexibility in deployment and maintenance suits various teams, though a few users mention memory issues with large projects. Rated around 8-9 out of 10, it meets expectations in terms of reliability.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Snyk Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
15%
Manufacturing Company
10%
Insurance Company
7%
Retailer
5%
Government
5%
Healthcare Company
4%
University
4%
Comms Service Provider
4%
Media Company
3%
Real Estate/Law Firm
3%
Energy/Utilities Company
3%
Educational Organization
3%
Construction Company
2%
Non Profit
2%
Recreational Facilities/Services Company
1%
Wholesaler/Distributor
1%
Legal Firm
1%
Outsourcing Company
1%
Performing Arts
1%
Hospitality Company
1%
Pharma/Biotech Company
1%
Transportation Company
1%
Logistics Company
1%
Consumer Goods Company
1%
Marketing Services Firm
1%
Aerospace/Defense Firm
1%

Compare Snyk with alternative products

Go!

Learn more about Snyk

Benefits of Snyk

Some of the benefits of using Snyk include:

  • Conserves resources: Snyk easily integrates with other security solutions and uses their security features to ensure that the work that users are doing is completely secure. These integrations allow them to protect themselves without pulling resources from their continued integration or continued delivery workflows. Resources can be conserved for areas of the greatest need.
  • Highly flexible: Snyk enables users to customize the system’s security automation features to meet their needs. Users can guarantee that the automation performs the functions that are most essential for their current project. Additionally, users are able to maintain platform governance consistency across their system.
  • Keeps users ahead of emerging threats. Snyk employs a database of threats that help it detect and keep track of potential issues. This database is constantly being updated to reflect the changes that take place in the realm of cybersecurity. It also uses machine learning. Users are prepared to deal with new issues as they arise.
  • Automatically scans projects for threats. Snyk’s command-line interface enables users to schedule the solution to run automatic scans of their projects. Time and manpower can be conserved for the areas of greatest need without sacrificing security.

Reviews from Real Users

Snyk is a security platform for developers that stands out among its competitors for a number of reasons. Two major ones are its ability to integrate with other security solutions and important insights that it can enable users to discover. Snyk enables users to combine its already existing security features with those of other solutions to create far more robust and flexible layers of security than what it can supply on its own. It gives users the ability to dig into the security issues that they may experience. Users are given a clear view of the root causes of these problems. This equips them to address the problem and prevent similar issues in the future.

Cameron G., a security software engineer at a tech company, writes, “The most valuable features are their GitLab and JIRA integrations.The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.”

Sean M., the chief information security officer of a technology vendor, writes, "From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

Snyk customers

StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief

Related questions

  • 252
Which software is ideal for code quality and security?
  • 387
How does Snyk compare with SonarQube?
  • 14
How do you use Snyk for running SAST?
  • 11
What do I scan when changing code in Snyk?
  • 753
If you had to both encrypt and compress data during transmission, which would you do first and why?
  • 59
When evaluating Application Security, what aspect do you think is the most important to look for?
  • 135
What are the Top 5 cybersecurity trends in 2022?
  • 150
What are the threats associated with using ‘bogus’ cybersecurity tools?
  • 50
We're evaluating Tripwire, what else should we consider?
  • 15
Which application security solutions include both vulnerability scans and quality checks?

Product Categories

Product Categories
Application Security Tools
Container Security
Software Composition Analysis (SCA)
Software Development Analytics
DevSecOps

Popular Comparisons

Popular Comparisons
SonarQube Server (formerly SonarQube) vs Snyk Logo
SonarQube Server (formerly SonarQube) vs Snyk
GitLab vs Snyk Logo
GitLab vs Snyk
Checkmarx One vs Snyk Logo
Checkmarx One vs Snyk
Veracode vs Snyk Logo
Veracode vs Snyk
Mend.io vs Snyk Logo
Mend.io vs Snyk
Fortify on Demand vs Snyk Logo
Fortify on Demand vs Snyk
CrowdStrike Falcon Cloud Security vs Snyk Logo
CrowdStrike Falcon Cloud Security vs Snyk
Sonatype Lifecycle vs Snyk Logo
Sonatype Lifecycle vs Snyk
Acunetix vs Snyk Logo
Acunetix vs Snyk
GitHub Advanced Security vs Snyk Logo
GitHub Advanced Security vs Snyk
PortSwigger Burp Suite Professional vs Snyk Logo
PortSwigger Burp Suite Professional vs Snyk
HCL AppScan vs Snyk Logo
HCL AppScan vs Snyk
Qualys Web Application Scanning vs Snyk Logo
Qualys Web Application Scanning vs Snyk
GitHub vs Snyk Logo
GitHub vs Snyk
Klocwork vs Snyk Logo
Klocwork vs Snyk
See all alternatives
 

Snyk reviews

Sort by:
meetharoon - PeerSpot user
CEO at a computer software company with 10,001+ employees
Verified user of Snyk
Nov 28, 2024
Affordable tool boosts code scanning efficiency but faces integration hurdles

Pros

"The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Check Point."

Cons

"Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR. "

What is our primary use case?

I lead a code security practice for our organization. We integrated Snyk into our GitHub, using CLI to automatically scan codebases and identify issues. We are a large organization with three independent entities, consolidating Snyk across all entities. 

We also provide access through numerous CI/CD tools. Our default implementation mechanism is CLI, but we also use the Web UI for a comprehensive view and recommendations.

How has it helped my organization?

For large organizations like ours, cost is a major factor. Snyk is the most cost-effective solution compared to others like Check Point. 

We consolidated Snyk across three entities that used different tools. As a result, our organization became one of the largest in implementing Snyk.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (615 words)
Eryk Lawyd - PeerSpot user
Tech Lead DevSecOps at Letsbank
Verified user of Snyk
Aug 10, 2023
A cost-effective solution that makes scanning your repositories a cinch

Pros

"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."

Cons

"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."

What is our primary use case?

We use some legacy and some new languages as we are aiming for serverless solutions. We're using serverless as is and with Python. We import it to Snyk to do SAST scanning for every one of our repositories on the Bitbucket pipeline. At least 350 repositories, including libraries and some automation such as robots or scripts. We have a huge background in using this tool.

How has it helped my organization?

We have seen an improvement this month. My security team told me, "We need to break your pipeline if the tools present critical and high-end security issues on the code, so this code cannot go to a staging or homologation environment." I then made improvements to the tools, which were not cheap. But it's a standard feature and a customer need, so I do this, then we apply. Using Snyk, we get the results and the reports and deploy the applications with high-end critical issues of security such as DoS or Cross-Site scripting, any kind of present, on the Snyk IO solution.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (1981 words)
Buyer's Guide
Snyk
Download free report
Find out what your peers are saying about Snyk. Updated February 2025
841,605 professionals have used our research since 2012.
SM
CISO at a tech vendor with 51-200 employees
Verified user of Snyk
Oct 27, 2020
Product version discussed: SaaS
Provides fantastic visibility into vulnerabilities and where they come from

Pros

"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

Cons

"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."

What is our primary use case?

We use it to do software composition analysis. It analyzes the third-party libraries that we bring into our own code. It keeps up if there is a vulnerability in something that we've incorporated, then tells us if that has happened. We can then track that and take appropriate action, like updating that library or putting a patch in place to mitigate it. 

They have also added some additional products that we use: One of which is container security. That product is one that analyzes our microservices containers and provides them with a security assessment, so we are essentially following best practices.

How has it helped my organization?

From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that.

The second thing that is critical in some cases, and Snyk provides as a value, is their guidance. Somewhere along the chain it figures the vulnerabilities out, then Snyk provides an update. So, what you need to do is go update to the latest version of that library, which is easy. However, sometimes it's not that easy, then Snyk has great guidance where you could go to manually patch it yourself, and they've made that a pretty seamless process. You can run a command with this new tooling, and it will go fix the underlying vulnerability for you. That is unusual. I have not seen that in other products.

It has improved the overall security of our applications by removing vulnerabilities and things that we are incorporating into our product. It ultimately identifies vulnerabilities in our product as well. It helps us when we do other types of testing of our applications, as we're not finding issues by something we had incorporated. Therefore, it reduces the vulnerabilities in our application.

*Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Read full review (2642 words)
PeerSpot user
VP of Engineering at a tech vendor with 11-50 employees
Verified user of Snyk
Sep 17, 2020
Scans our thousands of dependencies every time we build and rechecks them daily, making us aware of what's going on

Pros

"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."

Cons

"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."

What is our primary use case?

Our use case is basically what Snyk sells itself as, which is for becoming aware of and then managing any vulnerabilities in third-party, open-source software that we pull into our product. We have a lot of dependencies across both the tools and the product services that we build, and Snyk allows us to be alerted to any vulnerabilities in those open-source libraries, to prioritize them, and then manage things.

We also use it to manage and get visibility into any vulnerabilities in our Docker containers and Kubernetes deployments. We have very good visibility of things that aren't ours that might be at risk and put our services at risk.

Snyk's service is cloud-based and we talk to that from our infrastructure in the cloud as well.

How has it helped my organization?

We are a business that sells services to other businesses. One of the things that we have to sell is trust. As a small company, we've had to go quite a long way to mature our development and security processes. We've been ISO 27001-certified for a while and we got that very early, compared to the life cycle of most businesses. But that's because when we're talking contracts with customers, when we're talking information security reviews with customers, it's really powerful to be able to say, "We have Snyk, we use it in this way." A lot of the questions just go away because people understand that that means we've got a powerful and comprehensive tool.

Certainly, from a finding-of-vulnerabilities perspective, it's extremely good. Our problem is scale. We have something like 7,000 dependencies in our code and we could go and check those ourselves, but that would be a huge waste of time. Snyk's ability to scan all of those every time we build, and keep a running status of them and recheck them daily, is extremely valuable for making us aware of what's going on. We've wired Snyk up into Slack and other things so that we get notifications of status, and that's useful.

It has reduced the amount of time it takes to find problems by orders of magnitude because it's scanning everything. Without the tool it would be horrific; we just couldn't do it. It takes seconds for a scan to run on each of our libraries and so that's an amazing performance improvement. Compared to having nothing, it's amazing.

In terms of developer productivity, because of the way that our development community works, they're pulling in third-party libraries. So they worry less about the choice of the third-party library, but it could inform them that there's a risk, and then they then have to take action. We probably spend more time securing our product, but get a more secure product, which is actually what we want.

Overall, knowing what the risks are, and being able to make considered judgments about those risks, means that we are much more comfortable that our product is secure. And when there are high-risk issues, we're able to take action very quickly. The time to resolution for anything serious that is discovered in downstream libraries is dramatically reduced, and that's really useful.

*Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Read full review (2958 words)
CG
Security Software Engineer at a tech company with 10,001+ employees
Verified user of Snyk
Sep 2, 2020
Product version discussed: 0.44.3
Gives us a uniform way to access vulnerability information across a wide range of projects, teams, and structures

Pros

"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."

Cons

"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."

What is our primary use case?

We use it as a pretty wide ranging tool to scan vulnerabilities, from our Docker images to Ruby, JavaScript, iOS, Android, and eventually even Kubernetes. We use those findings with the various integrations to integrate with our teams' workflows to better remediate the discoveries from Snyk.

How has it helped my organization?

It gives us a uniform way to access the vulnerability information across a wide range of projects, teams, and structures. Once there were teams in Snyk, I was able to move people around if they wanted to see other projects or had questions about how other teams were doing things. Instead of having to tell a team, "Oh, you're using this language so you have to use this tool," or, "You're using this language so you have to do it this way or that way," all the reports are uniform, which makes viewing everything a lot easier than piecing things together.

Snyk reduces the amount of time it takes our guys to find problems. It's tough to estimate how much it has reduced the time because we didn't really have a process before to aggregate as much information on as wide a range of projects as we do now. We don't really have a great basis for comparison. But judging from the fact that we didn't do any of this before and teams were pretty blind about the health of their dependencies and versions, this has not only been a time saver, but the biggest win is enlightenment and ease of use to actually be able to get this information in the first place.

As far as the amount of time it takes to triage vulnerabilities and go through the upgrade process, it's definitely more streamlined, overall.

An example of the way it has affected the overall security of our applications is from during one of the first weeks that we rolled it out with one of our projects. We went from 15 vulnerabilities in it to four or five, and those four or five were un-upgradable and we were not affected by them. That means we were able to knock out any vulnerabilities in that project right away, which was a few quick wins for us, compared to who knows how long all of those had been in the project. We hadn't really known that until we turned Snyk onto the project and then we solved those within a week.

*Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Read full review (3152 words)
PeerSpot user
Manager, Information Security Architecture at a consultancy with 5,001-10,000 employees
Verified user of Snyk
Jun 1, 2020
Reduced the amount of active vulnerabilities in our applications

Pros

"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."

Cons

"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."

What is our primary use case?

It is a source composition analysis tool that we use to perform vulnerability scanning for those vulnerabilities within open source libraries.

This is a SaaS solution.

How has it helped my organization?

It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now.

We were aware of problems that were there, but we weren't looking for them until we had Snyk. It is definitely showing us things that we should have been concerned about, and we have found a lot of value in resolving those things since we've discovered them.

It's reduced the amount of active vulnerabilities in our applications, providing both a more stable and secure environment for us in the libraries that we develop. It has highlighted a number of things we weren't aware of in our applications and the reduction of those is definitely a benefit and value-add to our applications.

*Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Read full review (1062 words)
Jayashree Acharyya - PeerSpot user
Director at PepsiCo
Verified user of Snyk
Mar 7, 2024
Used for image scanning and identifying vulnerabilities, but its integration with other services could be improved

Pros

"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."

Cons

"The solution's integration with JFrog Artifactory could be improved."

What is our primary use case?

We are using an enterprise version of Snyk for image scanning. We use Snyk to identify and address vulnerabilities in our open-source dependencies and to scan the Docker images.

What is most valuable?

The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (567 words)
VinothKumar5 - PeerSpot user
Senior Consultant at Hexaware Technologies Limited
Verified user of Snyk
Apr 27, 2023
Performs software composition analysis (SCA) similar to other expensive tools

Pros

"Snyk performs software composition analysis (SCA) similar to other expensive tools."

Cons

"The solution's reporting and storage could be improved."

What is our primary use case?

The use cases for Snyk are quite progressive. I'm pretty much happy with the solution's performance with SaaS products.

What is most valuable?

Snyk performs software composition analysis (SCA) similar to other expensive tools.

*Disclosure: My company has a business relationship with this vendor other than being a customer: reseller
Read full review (769 words)