No more typing reviews! Try our Samantha, our new voice AI agent.

SAS Enterprise GRC vs Snyk comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

SAS Enterprise GRC
Ranking in GRC
29th
Average Rating
10.0
Reviews Sentiment
5.9
Number of Reviews
1
Ranking in other categories
No ranking in other categories
Snyk
Ranking in GRC
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (7th), Static Application Security Testing (SAST) (5th), Cloud Management (14th), Vulnerability Management (21st), Container Security (7th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (3rd), Application Security Posture Management (ASPM) (2nd), AI Security (11th)
 

Mindshare comparison

As of July 2026, in the GRC category, the mindshare of SAS Enterprise GRC is 1.1%, down from 1.4% compared to the previous year. The mindshare of Snyk is 1.6%, down from 1.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
GRC Mindshare Distribution
ProductMindshare (%)
Snyk1.6%
SAS Enterprise GRC1.1%
Other97.3%
GRC
 

Featured Reviews

it_user77958 - PeerSpot reviewer
Architect at a tech services company with 51-200 employees
We've improved our data management & human resource skills. Needs to work more on its presentation layer for users.
Follow the suggested implementation approach and it will be a smooth sailing. The core issue in any business analytics and business intelligence solutions is always data quality, deployment architecture and skilled human resource. Ensure that you have deliberated on these in detail and there will be no issues or hiccups during implementation
Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have been able to improve our data management, human resource skills and productivity, management reporting, and subsequently data mining for other business operations."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"Snyk has allowed our developers to spend less time securing applications, increasing their productivity."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"They evolved their maturity because they could find the vulnerabilities before the pipeline runs."
"From this perspective, Snyk looks like the most promising solution."
"Fugue provides core capabilities that enable visualization, discovery, and compliance automation."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
 

Cons

"Customer Service: That is the only area where SAS needs to look into. It was just satisfactory."
"The product could be improved by including other types of security scanning (e.g. SAST or DAST), which is important."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"I use Snyk alongside Sonar, and Snyk tends to generate a lot of false positives. Improving the overall report quality and reducing false positives would be beneficial. I don't need additional features; just improving the existing ones would be enough."
"It would be great if they can include dynamic, interactive, and run-time scanning features."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry."
"Could include other types of security scanning and statistical analysis"
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
 

Pricing and Cost Advice

Information not available
"We are using the open-source version for the scans."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing a three. It is a cheap solution."
"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"The solution is less expensive than Black Duck."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
report
Use our free recommendation engine to learn which GRC solutions are best for your needs.
904,899 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
No data available
Financial Services Firm
14%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise10
Large Enterprise23
 

Questions from the Community

Ask a question
Earn 20 points
How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the application. It integrates with Jenkins ( /products/jenkins-reviews ).
 

Comparisons

 

Also Known As

No data available
Fugue, Snyk AppRisk
 

Overview

 

Sample Customers

Belgium Special Tax, New Zealand Ministry of Health, New Zealand Ministry of Social Development North Carolina Marine Fisheries, Texas Parks and Wildlife Department, Town of Cary Western Australia Police
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Find out what your peers are saying about RSA, Diligent, MetricStream and others in GRC. Updated: June 2026.
904,899 professionals have used our research since 2012.