• Home
  • Snyk vs. Threat Stack Cloud Security Platform

Snyk vs Threat Stack Cloud Security Platform comparison

Cancel
You must select at least 2 products to compare!
Snyk Logo

Snyk

Read 41 Snyk reviews
9,115 views|6,489 comparisons
100% willing to recommend
Threat Stack Logo

Threat Stack Cloud Security Platform

Read 8 Threat Stack Cloud Security Platform reviews
738 views|500 comparisons
88% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Container Security
March 2024
Executive Summary

We performed a comparison between Snyk and Threat Stack Cloud Security Platform based on real PeerSpot user reviews.

Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security.
To learn more, read our detailed Container Security Report (Updated: March 2024).
Download the complete report
767,995 professionals have used our research since 2012.
Featured Review
Anonymous User
A stable and affordable solution that offers exceptional technical support to its users
Snyk is a strong security solution that helps customers analyze static code and improve their security and code in their main application.
Skyler Cain
SecOps program for us, as a smaller company, is amazing; they know what to look for
One of the ways they've improved the way our organization functions is that when we first signed up with Threat Stack, we were just using password... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has an accurate database of vulnerabilities with a low amount of false positives.""Static code analysis is one of the best features of the solution.""The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area.""The product's most valuable features are an open-source platform, remote functionality, and good pricing.""The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there.""The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using.""The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful.""Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."

More Snyk Pros →

"It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts... We just went through a SOX audit and those were pivotal.""There has been a measurable decrease in the meantime to remediation... because we have so many different tech verticals already collated in one place, our ability to respond is drastically different than it used to be.""With Threat Stack, we quickly identified some AWS accounts which had services that would potentially be exposed and were able to remediate them prior to release of products.""Threat Stack has connectivity.""The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see.""It is scalable. It deploys easily with curl and yum.""The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production... We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that.""The most valuable feature is the SecOps because they have our back and they help us with the reports... It's like having an extension of your team. And then, it grows with you."

More Threat Stack Cloud Security Platform Pros →

Cons
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time.""We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading.""We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity.""The feature for automatic fixing of security breaches could be improved.""We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful.""It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security.""They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer.""Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."

More Snyk Cons →

"Some features do not work as expected.""The reports aren't very good. We've automated the report generation via the API and replaced almost all the reports that they generate for us using API calls instead.""They could give a few more insights into security groups and recommendations on how to be more effective. That's getting more into the AWS environment, specifically. I'm not sure if that's Threat Stack's plan or not, but I would like them to help us be efficient about how we're setting up security groups. They could recommend separation of VPCs and the like - really dig into our architecture. I haven't seen a whole lot of that and I think that's something that, right off the bat, could have made us smarter.""The compliance and governance need improvement.""The user interface can be a little bit clunky at times... There's a lot of information that needs to be waded through, and the UI just isn't great.""It shoots back a lot of alerts.""The one thing that we know they're working on, but we don't have through the tool, is the application layer. As we move to a serverless environment, with AWS Fargate or direct Lambda, that's where Threat Stack does not have the capacity to provide feed. Those are areas that it's blind to now...""I would like further support of Windows endpoint agents or the introduction of support for Windows endpoint agents."

More Threat Stack Cloud Security Platform Cons →

Pricing and Cost Advice
  • "It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
  • "We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
  • "You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
  • "Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
  • "The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
  • "It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
  • "With Snyk, you get what you pay for. It is not a cheap solution, but you get a comprehensiveness and level of coverage that is very good. The dollars in the security budget only go so far. If I can maximize my value and be able to have some funds left over for other initiatives, I want to do that. That is what drives me to continue to say, "What's out there in the market? Snyk's expensive, but it's good. Is there something as good, but more affordable?" Ultimately, I find we could go cheaper, but we would lose the completeness of vision or scope. I am not willing to do that because Snyk does provide a pretty important benefit for us."
  • "Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."

    • More Snyk Pricing and Cost Advice →

  • "It is a cost-effective choice versus other solutions on the market."
  • "Pricing seems to be in line with the market structure. It's fine."
  • "It is very expensive compared to some other products. The pricing is definitely high."
  • "I'm happy with the amount that we spend for the product that we get and the overall service that we get. It's not cheap, but I'm still happy with the spend."
  • "We find the licensing and pricing very easy to understand and a good value for the services provided."
  • "It came in cheaper than Trend Micro when we purchased it a few years ago."
  • "What we're paying now is somewhere around $15 to $20 per agent per month, if I recall correctly. The other cost we have is SecOps."

    • More Threat Stack Cloud Security Platform Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    767,995 professionals have used our research since 2012.
    Questions from the Community
    How does Snyk compare with SonarQube?
    Top Answer:Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you are… more »
    What do you like most about Snyk?
    Top Answer:The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
    Read all 39 answers   →
    What needs improvement with Snyk?
    Top Answer:I don't use Snyk anymore. The tool is just used in our company, but not by me anymore. It is important that the solution has the ability to match up with the OWASP Top 10 list, especially considering… more »
    Read all 39 answers   →
    Can we customize the dashboard in Threat Stack Cloud Security Platform? A...
    Top Answer:It is reported that an option exists to customize the dashboard in the Threat Stack Cloud Security Platform. You may be able to add, remove, and rearrange widgets and also create custom widgets… more »
    Ranking
    5th
    out of 59 in Container Security
    Views
    9,115
    Comparisons
    6,489
    Reviews
    19
    Average Words per Review
    549
    Rating
    7.8
    30th
    out of 59 in Container Security
    Views
    738
    Comparisons
    500
    Reviews
    0
    Average Words per Review
    0
    Rating
    N/A
    Comparisons
    Also Known As
    Threat Stack, CSP,
    Learn More
    Snyk
    Threat Stack
    Video Not Available
    Overview

    Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.

    Benefits of Snyk

    Some of the benefits of using Snyk include:

    • Conserves resources: Snyk easily integrates with other security solutions and uses their security features to ensure that the work that users are doing is completely secure. These integrations allow them to protect themselves without pulling resources from their continued integration or continued delivery workflows. Resources can be conserved for areas of the greatest need.
    • Highly flexible: Snyk enables users to customize the system’s security automation features to meet their needs. Users can guarantee that the automation performs the functions that are most essential for their current project. Additionally, users are able to maintain platform governance consistency across their system.
    • Keeps users ahead of emerging threats. Snyk employs a database of threats that help it detect and keep track of potential issues. This database is constantly being updated to reflect the changes that take place in the realm of cybersecurity. It also uses machine learning. Users are prepared to deal with new issues as they arise.
    • Automatically scans projects for threats. Snyk’s command-line interface enables users to schedule the solution to run automatic scans of their projects. Time and manpower can be conserved for the areas of greatest need without sacrificing security.

    Reviews from Real Users

    Snyk is a security platform for developers that stands out among its competitors for a number of reasons. Two major ones are its ability to integrate with other security solutions and important insights that it can enable users to discover. Snyk enables users to combine its already existing security features with those of other solutions to create far more robust and flexible layers of security than what it can supply on its own. It gives users the ability to dig into the security issues that they may experience. Users are given a clear view of the root causes of these problems. This equips them to address the problem and prevent similar issues in the future.

    Cameron G., a security software engineer at a tech company, writes, “The most valuable features are their GitLab and JIRA integrations.The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.”

    Sean M., the chief information security officer of a technology vendor, writes, "From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

    Threat Stack Cloud Security Platform is a CWPP (Cloud Workload Protection Platform) that provides your organization with comprehensive security for modern applications and APIs. It is designed specifically for monitoring cloud environments, vulnerabilities, covering workloads, infrastructure, and compliance. The solution offers application infrastructure protection for all layers of your infrastructure stack and delivers the necessary observability for proactive and targeted remediation action. In addition, it is platform-independent and easily adapts to various environments. Threat Stack Cloud Security Platform works best for companies who want real-time protection against active external threats and need to reduce alert investigation time. It is ideal for small, medium, or large-sized organizations.

    Threat Stack Cloud Security Platform Features

    Threat Stack Cloud Security Platform has many valuable key features. Some of the most useful ones include:

    • High-efficacy threat detection
    • App deployment speed
    • Increased visibility
    • Remediation integration
    • Security and compliance telemetry
    • Built-in and configurable rules
    • ML and advanced analytics
    • Integrations with third-party SecOps tools
    • File integrity monitoring
    • Host-based intrusion detection
    • Vulnerability assessment
    • Fully integrated IDS functionality
    • Real-time alerts and threat response

    Threat Stack Cloud Security Platform Benefits

    There are many benefits to implementing Threat Stack Cloud Security Platform. Some of the biggest advantages the solution offers include:

    • All-in-one solution: Because Threat Stack Cloud Security Platform offers everything you need in one solution, you don’t need to integrate multiple security solutions in the cloud or spend time manually tweaking the desired functionality.
    • Continuous proactive monitoring: Threat Stack Cloud Security Platform provides continuous proactive monitoring across your full infrastructure stack. It monitors your web application, can track risky behavior from the point of deployment, can scan your operating system, detect any unusual patterns in file hosting, and analyze other server events in real time.
    • Real-time protection: The solution offers protection from active intrusion attempts and gives you visibility into ongoing events on the server so you can discover data breaches before it’s too late.
    • Flexibility: The Threat Stack Cloud Security Platform is tailored to your server’s specific operating system deployment and remains accessible to you no matter how your infrastructure changes or scales over time.
    • Quick threat detection: Because Threat Stack Cloud Security Platform can quickly isolate problems, issues are less likely to cause damage and can be remediated faster.
    • Monitoring for reactive, proactive, and interactive threats: The solution is designed to detect even the most evasive discrepancies in your server events.

    Reviews from Real Users

    Below are some reviews and helpful feedback written by PeerSpot users currently using the Threat Stack Cloud Security Platform solution.

    Skyler C., Software Development Manager at Rent Dynamics, says, “The most valuable feature is the SecOps because they have our back and they help us with the reports. We jump on calls monthly to set goals and roadmaps internally for how we can secure our platform more. Their SecOps program is absolutely amazing when you do not have a dedicated resource for security.”

    An IT Engineer at a consultancy mentions, “The platform has a good threat and vulnerability manager with very helpful technical support. The scalability is great.”

    Sample Customers
    StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
    StatusPage.io, Walkbase, Spanning, DNAnexus, Jobcase, Nextcapital, Smartling, Veracode, 6sense
    Top Industries
    REVIEWERS
    Computer Software Company39%
    Financial Services Firm22%
    Individual & Family Service6%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm14%
    Manufacturing Company8%
    Insurance Company6%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Financial Services Firm13%
    University8%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise22%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Small Business22%
    Midsize Enterprise56%
    Large Enterprise22%
    VISITORS READING REVIEWS
    Small Business25%
    Midsize Enterprise12%
    Large Enterprise63%
    Buyer's Guide
    Container Security
    March 2024
    Download Free Report
    Find out what your peers are saying about Palo Alto Networks, Wiz, Microsoft and others in Container Security. Updated: March 2024.
    DOWNLOAD NOW
    767,995 professionals have used our research since 2012.

    Snyk is ranked 5th in Container Security with 41 reviews while Threat Stack Cloud Security Platform is ranked 30th in Container Security. Snyk is rated 8.2, while Threat Stack Cloud Security Platform is rated 8.2. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Threat Stack Cloud Security Platform writes "SecOps program for us, as a smaller company, is amazing; they know what to look for". Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security, whereas Threat Stack Cloud Security Platform is most compared with AWS GuardDuty, Darktrace, Palo Alto Networks URL Filtering with PAN-DB and Prisma Cloud by Palo Alto Networks.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.