Try our new research platform with insights from 80,000+ expert users

Google Cloud Security Command Center vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Google Cloud Security Comma...
Ranking in Cloud Security Posture Management (CSPM)
26th
Average Rating
7.4
Reviews Sentiment
7.1
Number of Reviews
3
Ranking in other categories
Cloud-Native Application Protection Platforms (CNAPP) (18th)
Snyk
Ranking in Cloud Security Posture Management (CSPM)
15th
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
49
Ranking in other categories
Application Performance Monitoring (APM) and Observability (18th), Application Security Tools (6th), Static Application Security Testing (SAST) (8th), GRC (5th), Cloud Management (14th), Vulnerability Management (14th), Container Security (6th), Software Composition Analysis (SCA) (1st), Software Development Analytics (2nd), DevSecOps (2nd), Application Security Posture Management (ASPM) (2nd)
 

Mindshare comparison

As of October 2025, in the Cloud Security Posture Management (CSPM) category, the mindshare of Google Cloud Security Command Center is 2.4%, up from 0.8% compared to the previous year. The mindshare of Snyk is 3.2%, down from 3.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Market Share Distribution
ProductMarket Share (%)
Snyk3.2%
Google Cloud Security Command Center2.4%
Other94.4%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Nishant_Mishra - PeerSpot reviewer
Provides visibility, address cloud misconfiguration and prevent threats
In terms of identifying, the solution is pretty good. It takes care of all the layers. We have Cloud, Kubernetes cluster, instances running, and network. We have identities, permissions, and access. It provides pictures of everything in GCP. There's no such integration required. There are Google APIs that you need to enable. The compliance reporting feature helped us maintain a baseline of compliance within the information security policies. It's pretty stable and scalable. However, visibility can be improved along with automation. SCC to provide an option to fix those things, perhaps by clicking a button. For example, if a firewall rule allows an application to accept HTTP traffic, I should be able to address that specific issue directly within the interface. It's just a regular call to action button. There are no prerequisites for the solution. It's a requirement to have good security visibility into your Google Cloud Infrastructure. Cloud Security Command Center could be a good product to consider. There are other open-source solutions available. There are solutions from Aqua that are pretty decent. I would recommend that if somebody is opting for SCC, they should also explore open-source solutions. Open-source solutions can be very beneficial, especially if they are pursuing a multi-cloud strategy. You won't need additional security tools for platforms like AWS or others. Whenever a security issue pops up, a generative AI backend provides a summary of what happened. The information provided is quite detailed. Overall, I rate the solution an eight out of ten.
meetharoon - PeerSpot reviewer
Affordable tool boosts code scanning efficiency but faces integration hurdles
I lead a code security practice for our organization. We integrated Snyk into our GitHub, using CLI to automatically scan codebases and identify issues. We are a large organization with three independent entities, consolidating Snyk across all entities.  We also provide access through numerous…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The compliance reporting feature helped us maintain a baseline of compliance within the information security policies."
"Most people use the threat detection dashboard."
"It simplifies compliance efforts."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
 

Cons

"Visibility can be improved along with automation."
"The AI capabilities have been heavily promoted, but I haven't seen a significant impact."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"The solution's reporting and storage could be improved."
"Snyk should improve the scanning capabilities for other languages. For example, Veracode is strong with different languages such as Java, C#, and others."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"The feature for automatic fixing of security breaches could be improved."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
 

Pricing and Cost Advice

"Initially, it used to be relatively expensive, starting at around four or five hundred dollars."
"The pricing is acceptable, especially for enterprises. I don't think it's too much of a concern for our customers. Something like $99 per user is reasonable when the stakes are high."
"Pricing-wise, it is not expensive as compared to other tools. If you have a couple of licenses, you can scan a certain number of projects. It just needs to be attached to them."
"We are using the open-source version for the scans."
"The pricing is reasonable."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"The product has good pricing."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
869,566 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Comms Service Provider
8%
Retailer
7%
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Insurance Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise9
Large Enterprise21
 

Questions from the Community

What do you like most about Google Cloud Security Command Center?
The compliance reporting feature helped us maintain a baseline of compliance within the information security policies.
What is your primary use case for Google Cloud Security Command Center?
The primary use case is to monitor the Google Cloud infrastructure across all projects for security-related alerts. The command center provides various features, including real-time alerting for ti...
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What do you like most about Snyk?
The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
 

Also Known As

No data available
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

Information Not Available
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about Google Cloud Security Command Center vs. Snyk and other solutions. Updated: September 2025.
869,566 professionals have used our research since 2012.