We performed a comparison between GitGuardian Public Monitoring and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The Explore function is valuable for finding specific things I'm looking for."
"One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots."
"Snyk is a developer-friendly product."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"The most valuable feature of Snyk is the software composition analysis."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"It is one of the best product out there to help developers find and fix vulnerabilities quickly. When we talk about the third-party software vulnerability piece and potentially security issues, it takes the load off the user or developer. They even provide automitigation strategies and an auto-fix feature, which seem to have been adopted pretty well."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences."
"I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems like a compelling approach to lure and identify attackers."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"The solution's integration with JFrog Artifactory could be improved."
"Generating reports and visibility through reports are definitely things they can do better."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
More GitGuardian Public Monitoring Pricing and Cost Advice →
GitGuardian Public Monitoring is ranked 27th in Application Security Tools with 2 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. GitGuardian Public Monitoring is rated 9.0, while Snyk is rated 8.2. The top reviewer of GitGuardian Public Monitoring writes "Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in detecting and alerting us to security leaks quickly". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". GitGuardian Public Monitoring is most compared with , whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode. See our GitGuardian Public Monitoring vs. Snyk report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.