No more typing reviews! Try our Samantha, our new voice AI agent.

Cloudanix vs Snyk comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Cloud Security Posture Management (CSPM)
8th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Vulnerability Management (11th), Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
Cloudanix
Ranking in Cloud Security Posture Management (CSPM)
32nd
Average Rating
7.6
Reviews Sentiment
8.0
Number of Reviews
2
Ranking in other categories
GRC (25th), Identity and Access Management as a Service (IDaaS) (IAMaaS) (24th), Cloud-Native Application Protection Platforms (CNAPP) (23rd), AI Legal & Compliance (10th)
Snyk
Ranking in Cloud Security Posture Management (CSPM)
17th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (7th), Static Application Security Testing (SAST) (5th), GRC (6th), Cloud Management (14th), Vulnerability Management (21st), Container Security (7th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), DevSecOps (3rd), Application Security Posture Management (ASPM) (2nd), AI Security (10th)
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
AM
Sr. Executive Engineer at a tech services company with 51-200 employees
Unified data access has boosted analytics speed but still needs better governance and cost control
The best feature that Cloudanix offers is the unified data access layer connecting multiple sources, allowing access to all data from one place. It ensures real-time sync data across systems on-demand, keeping data up to date without manual export. It has cross-platform compatibility across AWS, Azure, GCP databases, and SaaS applications, supports hybrid and multi-cloud environments, and simplifies data queries by letting users query multiple sources as if they are one instance, reducing the need for complex ETL pipelines. The best feature of Cloudanix is the ability to unify distributed data sources into a single, scalable, and easy-to-query layer for faster analytics and simple data management. I have seen specific outcomes and metrics such as reducing the time spent on stitching data sets from multiple systems, where queries now run directly across the connected layer. The analysis time drops from thirty to sixty minutes. Reporting cycles improve, with reports generated five times faster. I reduce engineering data team workload by thirty to fifty percent fewer ad hoc data extraction requests and achieve lower infrastructure and pipeline costs, reaching a ten to thirty percent cost saving in data pipelines and ETL maintenance. Moreover, improved decision speed leads to reduction in the decision cycle from days to hours, enhancing data consistency with fewer discrepancies between reports. For example, before Cloudanix, an analyst spent three hours pulling data from three systems and another two hours cleaning and joining it. After using Cloudanix, the same analysis can be done with one unified query that gets results in a minute, allowing focus to shift to interpretation instead of preparation. Consequently, Cloudanix typically delivers major gains in analyst productivity, achieving fifty to eighty percent faster data preparation and faster reporting cycles with reduced engineering workload and lower data pipeline costs by unifying access to distributed data sources.
Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If I had to say something positive about the product that brings me the biggest benefit, I would say it has accurate reports, gets new update CVEs, zero-day attack detection, and is easy to manage with its GUI."
"With TotalCloud, we can scan through the API. If we are not able to deploy cloud agents on the machine, we can use the API."
"TruRisk Insights is the most important innovation they've released this year."
"Qualys TotalCloud's most valuable features are its cloud security posture management, Kubernetes, and container security capabilities."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"One of Qualys' best features is its categorization, which allows us to see the types of assets, their security postures, and the AI-powered version of the tool."
"The vulnerability management feature is the one I like the most because it provides a clear picture of all vulnerabilities."
"Qualys TotalCloud provides a single, prioritized view based on requirements such as identifying the most vulnerable assets and calculating the average time to remediate vulnerabilities."
"Choosing Cloudanix has proven very efficient and intuitive, and it remains easy to handle compared to other products available in the market."
"Consequently, Cloudanix typically delivers major gains in analyst productivity, achieving fifty to eighty percent faster data preparation and faster reporting cycles with reduced engineering workload and lower data pipeline costs by unifying access to distributed data sources."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"Snyk's ability to scan all of those every time we build, and keep a running status of them and recheck them daily, is extremely valuable for making us aware of what's going on."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"Snyk's focus on security is a valuable feature. Also Snyk supports multiple programming languages, which has positively affected my security practices. I use only two or three languages, and when I change the language in a file, it detects it in the same suite. I find the AI-powered scanning overall beneficial.Using Snyk's AI-powered scanning, I can detect around ten or twenty errors in my project with about twenty thousand lines of code, so it helps improve my project by identifying a lot of potential vulnerabilities."
"It is one of the best product out there to help developers find and fix vulnerabilities quickly."
"Based on all our products, including Snyk, we have seen a 50 percent reduction in the amount of time it takes to fix problems."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
 

Cons

"The onboarding process is a bit difficult. In the initial phase, it is very difficult to understand the features, what the dashboard contains, and what criteria they are using."
"In TotalCloud, I would suggest improvements in policy checks to cater to various inventory types like VPCs, subnets, S3 buckets, or IAMs. There is a lack of data segregation according to criticality or inventory."
"There is room for improvement in vulnerability scanning, particularly for PaaS environments. Currently, Qualys does not have full access to these instances, which limits its effectiveness."
"An area for improvement would be to focus on risks related to AI, such as large language models and potential data leakage."
"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"The cloud licensing unit system is unclear, especially since "units" aren't well-defined."
"Qualys' customer service provides quality answers, but the response time is long, even though it is within the SLA."
"Qualys's ticketing system can be confusing when assigning tasks to individuals, and support could be improved by offering instant call solutions with engineers in addition to ticket replies."
"Cloudanix could improve by addressing the limitations in terms of customization."
"Costs are flexible but can become unpredictable if query volume grows quickly."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"The tool's initial use is complex."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license."
"Snyk can be improved on the reporting aspect regarding the traceability of SCA."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"The product is very expensive."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"The cost is high, but it meets our organizational needs."
"Qualys TotalCloud offers cost-effective licensing flexibility."
"TotalCloud's price is about right where I would expect it to be."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
Information not available
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"The product's price is okay."
"The pricing is reasonable."
"The price of the solution is expensive compared to other solutions."
"It is pretty expensive. It is not a cheap product."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
report
Use our free recommendation engine to learn which GRC solutions are best for your needs.
902,894 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Construction Company
59%
Comms Service Provider
9%
Healthcare Company
8%
Outsourcing Company
6%
Financial Services Firm
13%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise10
Large Enterprise23
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for Cloudanix?
My experience with pricing, setup costs, and licensing shows that pricing is more affordable compared to other vendor...
What needs improvement with Cloudanix?
Cloudanix can be improved by enhancing query performance optimization for very large multi-source data sets with smar...
What is your primary use case for Cloudanix?
My main use case for Cloudanix involves connecting, extending, and aggregating data across different clouds or system...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false posi...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the applica...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Cloudanix vs. Snyk and other solutions. Updated: June 2026.
902,894 professionals have used our research since 2012.