We performed a comparison between Snyk and SUSE NeuVector based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, broad feature set, and seamless integration with other tools. SUSE NeuVector is praised for its wide range of features, informative user interface, ISO certification checks, and automation capabilities. Reviewers say Snyk should improve its vulnerability database and reporting mechanism. SUSE NeuVector needs to expand scanning support and work on monitoring, reporting, and integration.
Service and Support: Snyk customers say the support team could improve the way it organizes and prioritizes assistance. SUSE NeuVector's support is praised for being supportive, prompt, and well-informed, although a few reviewers consider the process to be complex.
Ease of Deployment: Snyk's setup is generally considered to be simple, with good support from the vendor team. SUSE NeuVector's deployment can be either easy or difficult, depending on the user. Some users find it straightforward, while others find it complex and challenging. Integrating SUSE NeuVector with pipelines is particularly difficult, often requiring the use of custom scripts.
Pricing: Snyk is regarded as pricey, but users believe the cost is justified because of the features it offers. The pricing and licensing experiences of SUSE NeuVector users vary, with some considering it affordable and others indicating a need for improvement.
ROI: Snyk offers a cost-effective way to detect vulnerabilities, and customers can realize a solid ROI by resolving bugs earlier. SUSE NeuVector provides the largest ROI for high-risk sectors such as financial services, although its benefits may be limited for some sectors, such as retail.
Comparison Results: Snyk is preferred over SUSE NeuVector. Snyk is oriented toward developers, and users appreciate the scanning feature, automatic pull request creation, and software composition analysis tools. The setup is regarded as straightforward, with the Snyk team providing exceptional support. SUSE NeuVector's setup is more intricate and demanding, often requiring custom scripts for integration with pipelines.
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The most valuable feature of Snyk is the SBOM."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"The initial setup is quite good, it's straightforward."
"The UI has a lot of features."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"When it comes to the price, we got a really good deal from the vendor instantly."
"The features of image scanning and anti-malware are really valuable."
"The most valuable feature of SUSE NeuVector is its run-time security."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"The tool's initial use is complex."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"The solution's reporting and storage could be improved."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity."
"The product is very expensive."
"The image-scanning features need improvement."
"The documentation needs to improve a bit."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
"We are also working with IaaS VMs, but NeuVector doesn't support virtual machines."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
Snyk is ranked 5th in Container Security with 41 reviews while SUSE NeuVector is ranked 19th in Container Security with 7 reviews. Snyk is rated 8.2, while SUSE NeuVector is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of SUSE NeuVector writes "Good value for money; great for policy management". Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security, whereas SUSE NeuVector is most compared with Prisma Cloud by Palo Alto Networks, Red Hat Advanced Cluster Security for Kubernetes, Aqua Cloud Security Platform, Sysdig Falco and CrowdStrike Falcon Cloud Security.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.