No more typing reviews! Try our Samantha, our new voice AI agent.

Snyk vs Veza comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Snyk
Ranking in GRC
6th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (7th), Static Application Security Testing (SAST) (5th), Cloud Management (14th), Vulnerability Management (21st), Container Security (7th), Software Composition Analysis (SCA) (2nd), Software Development Analytics (2nd), Cloud Security Posture Management (CSPM) (17th), DevSecOps (3rd), Application Security Posture Management (ASPM) (2nd), AI Security (10th)
Veza
Ranking in GRC
24th
Average Rating
7.6
Reviews Sentiment
6.7
Number of Reviews
2
Ranking in other categories
Identity Management (IM) (23rd), Privileged Access Management (PAM) (25th), SaaS Security Posture Management (SSPM) (9th), Non-Human Identity Management (NHIM) (7th), Identity Security and Posture Management (ISPM) (3rd)
 

Mindshare comparison

As of July 2026, in the GRC category, the mindshare of Snyk is 1.6%, down from 1.7% compared to the previous year. The mindshare of Veza is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
GRC Mindshare Distribution
ProductMindshare (%)
Snyk1.6%
Veza0.7%
Other97.7%
GRC
 

Featured Reviews

Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.
HarshalJethwa - PeerSpot reviewer
Cloud Operations Engineer at a tech vendor with 51-200 employees
Centralized access control has strengthened least privilege and streamlined audit compliance
The best features Veza offers in my experience are access visibility to see who can access what and which parts, relationship mapping of a user to roles, policies and resources, and risk detection such as over-permission and unused permission privileges. I can perform audit compliance using those features and the platform supports multiple platforms. Out of those features, I find risk detection to be the most valuable in my day-to-day work because I can check who has over-permission or unused permissions and understand relationship mapping and access visibility. Veza has positively impacted my organization by improving access for our users, allowing us to check the user and perform auditing for our system or organization. We are now able to implement least privilege practices, which has made our organization and system more secure.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"Snyk's focus on security is a valuable feature. Also Snyk supports multiple programming languages, which has positively affected my security practices. I use only two or three languages, and when I change the language in a file, it detects it in the same suite. I find the AI-powered scanning overall beneficial.Using Snyk's AI-powered scanning, I can detect around ten or twenty errors in my project with about twenty thousand lines of code, so it helps improve my project by identifying a lot of potential vulnerabilities."
"The customization is excellent."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The most valuable feature of Snyk is the software composition analysis."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"It's the only current GRC vendor with licensing rights for HITRUST 11.3 framework, and I've avoided expensive HITRUST licensing costs through a custom control framework."
"Veza has positively impacted my organization by improving access for our users, allowing us to check the user and perform auditing for our system or organization, and we are now able to implement least privilege practices, which has made our organization and system more secure."
 

Cons

"Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"There are a lot of false positives that need to be identified and separated."
"Snyk's API and UI features could work better in terms of speed."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry."
"The support experience could be better."
"Veza can be improved as it is currently not suitable for small projects due to its high cost, complex setup, and requirement for more integration with multiple systems."
 

Pricing and Cost Advice

"The product has good pricing."
"The pricing is reasonable."
"I would rate the pricing of Snyk at two. I'm currently using the free version, which the company offers before buying the full version. So, the price is affordable, especially for an enterprise."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"We are using the open-source version for the scans."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
Information not available
report
Use our free recommendation engine to learn which GRC solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
11%
Computer Software Company
9%
Comms Service Provider
6%
Financial Services Firm
14%
Manufacturing Company
9%
Healthcare Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise10
Large Enterprise23
No data available
 

Questions from the Community

How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the application. It integrates with Jenkins ( /products/jenkins-reviews ).
What is your experience regarding pricing and costs for Veza?
My experience with pricing, setup cost, and licensing is that the pricing is much higher and the setup is very complex.
What needs improvement with Veza?
Veza can be improved as it is currently not suitable for small projects due to its high cost, complex setup, and requirement for more integration with multiple systems. Additionally, there are no e...
What is your primary use case for Veza?
My main use case for Veza is to use it for authentication and to determine who can access what and what can be accessed by the system or organization users. We set permissions for cloud platforms a...
 

Comparisons

 

Also Known As

Fugue, Snyk AppRisk
No data available
 

Overview

 

Sample Customers

StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Information Not Available
Find out what your peers are saying about Snyk vs. Veza and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.