We performed a comparison between NGINX App Protect and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."NGINX App Protect has complete control over the HTTP session."
"It is a very good tool for load balancing."
"NGINX App Protect is stable."
"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."
"It's very easy to deploy."
"I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes."
"The most valuable feature is that I can establish different services from the firewall."
"The most valuable feature of NGINX App Protect is the reverse proxy."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"The most valuable feature of Snyk is the software composition analysis."
"Snyk is a good and scalable tool."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI."
"The dashboard could provide a more comprehensive view of the status of the connections."
"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."
"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."
"It's challenging if you need to go for a high throughput."
"The integration of NGINX App Protect could improve."
"Its technical support could be better."
"I encountered issues with NGINX App Protect while trying to upgrade custom rules."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
NGINX App Protect is ranked 21st in Container Security with 19 reviews while Snyk is ranked 5th in Container Security with 41 reviews. NGINX App Protect is rated 8.2, while Snyk is rated 8.2. The top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, F5 Advanced WAF, Fortinet FortiWeb and Noname Security, whereas Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security. See our NGINX App Protect vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.