HCL AppScan and Snyk compete in the cybersecurity software category, offering solutions for vulnerability detection and security analysis. Snyk appears to have the upper hand due to its ease of integration, comprehensive vulnerability database, and flexibility in deployment options, which are highly valued by developers looking for rapid and efficient solutions.
Features: HCL AppScan provides effective detection of XSS vulnerabilities, has templates for regulatory compliance, and offers user-friendly functionality with multilingual support. Snyk excels in its simplicity, ease of integration into development workflows, and provides real-time notifications and a comprehensive vulnerability database for efficient software composition analysis.
Room for Improvement: HCL AppScan could improve mobile integration, faster scanning speeds, and reduce false positives. Enhancements in support resources and CI/CD integration would also be beneficial. Snyk could expand scanning types to include SAST/DAST, better address licensing compliance, and further minimize false positives. Improving IDE plugin support and expanding language compatibility would help developers.
Ease of Deployment and Customer Service: HCL AppScan allows for on-premises, public, and hybrid cloud deployments, though customer service receives mixed reviews post-IBM transition. Snyk offers public cloud deployment options with agile customer support, praised for rapid deployment and responsiveness.
Pricing and ROI: HCL AppScan, while perceived as costly, uses a one-time purchase model ideal for extensive code analyses, offering significant ROI in vulnerability reduction. Snyk provides flexible pricing reflecting its integration capabilities, regarded as delivering excellent value despite costs, with users noting strong investment returns compared to competitors.
Veracode provides excellent assistance and regularly scheduled calls to address customer concerns and updates.
Our long-standing association has ensured smooth communication, resulting in favorable support experiences and satisfactory issue resolution.
Their response time aligns with their SLA commitments.
Snyk allows for scaling across large organizations, accommodating tens of thousands of applications and over 60,000 repositories.
One key feature we are currently examining with Veracode is AIVSS (Artificial Intelligence VSS), which is an extension of CVSS to cover use cases or top 10 LLM findings during code scanning.
It lacks the ability to select branches on its Web UI, forcing users to rely on CLI or CI/CD for that functionality.
The inclusion of AI to remove false positives would be beneficial.
Companies often choose based on budget constraints, with Veracode being on the higher end cost-wise.
After negotiations, we received a special package with a good price point.
Snyk is recognized as the cheapest option we have evaluated.
AppScan's most valuable features include its ability to identify vulnerabilities accurately, provide detailed remediation steps, and the newly introduced AI-powered features that enhance its functionality further.
Snyk helps detect vulnerabilities before code moves to production, allowing for integration with DevOps and providing a shift-left advantage by identifying and fixing bugs before deployment.
Our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.
The best feature of Snyk is the integration with our ticketing system, which is Jira.
| Product | Market Share (%) |
|---|---|
| Snyk | 6.5% |
| HCL AppScan | 2.5% |
| Other | 91.0% |
| Company Size | Count |
|---|---|
| Small Business | 13 |
| Midsize Enterprise | 6 |
| Large Enterprise | 31 |
| Company Size | Count |
|---|---|
| Small Business | 20 |
| Midsize Enterprise | 8 |
| Large Enterprise | 21 |
IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.
Snyk's AI Trust Platform empowers developers to innovate securely in AI-driven environments, ensuring rapid and secure software development with enhanced policy governance.
Snyk’s platform integrates AI-ready engines across the software development lifecycle, offering broad coverage with high speed and accuracy essential for fast-paced coding environments. AI-driven features include visibility, prioritization, and tailored security policies that enable proactive threat prevention and quick remediation. By focusing on LLM engineering and AI code analysis, Snyk supports secure and productive development processes. The platform's partnerships, including GenAI code assistants, enhance AI application security by addressing new threats and code velocity challenges.
What are the key features of Snyk?Snyk is implemented across industries focusing on agile development and DevSecOps, enhancing software delivery speed and security. It is widely used for continuous monitoring and adherence to security and licensing standards, especially in environments relying on Docker image security and CI/CD pipeline integration.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
