Snyk vs Wiz comparison

Cancel
You must select at least 2 products to compare!
Snyk Logo

Snyk

Read 12 Snyk reviews
35,843 views|26,458 comparisons
Wiz Logo

Wiz

Read 6 Wiz reviews
9,229 views|6,885 comparisons
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Snyk vs. Wiz
March 2023
Executive Summary

We performed a comparison between Snyk and Wiz based on real PeerSpot user reviews.

Find out in this report how the two Container Security solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Snyk vs. Wiz Report (Updated: March 2023).
Download the complete report
687,256 professionals have used our research since 2012.
Featured Review
Use Snyk?
Anonymous User
Provides complete visibility, scans every layer of our cloud environment without agents, and has agentless...
It simplified our ability to respond to new issues that are happening in the environment. Previously, in a scenario where a vulnerability could be... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature of Snyk is the software composition analysis.""The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful.""Snyk is a developer-friendly product.""Our customers find container scans most valuable. They are always talking about it.""I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST.""The solution has great features and is quite stable.""The code scans on the source code itself were valuable.""A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."

More Snyk Pros →

"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address.""The product supports out-of-the-box reporting with context about the asset and allows us to perform complex custom queries on UI.""The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at.""The solution is very user-friendly.""The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster.""Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."

More Wiz Pros →

Cons
"The solution could improve the reports. They have been working on improving the reports but more work could be done.""All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities.""Basically the licensing costs are a little bit expensive.""It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time.""Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release.""For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet.""We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good.""The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"

More Snyk Cons →

"The remediation workflow within the Wiz could be improved.""We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately.""The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary.""The only small pain point has been around some of the logging integrations. Some of the complexities of the script integrations aren't supported with some of the more automated infrastructure components. So, it's not as universal. For example, they have great support for cloud formation and other services, but if you're using another type of management utility or governance language for your infrastructure-as-code automation components, it becomes a little bit trickier to navigate that.""Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes.""We would like to see improvements to executive-level reporting and data reporting in general, which we understand is being rolled out to the platform."

More Wiz Cons →

Pricing and Cost Advice
  • "Pricing-wise, it is not expensive as compared to other tools. If you have a couple of licenses, you can scan a certain number of projects. It just needs to be attached to them."
  • "It is pretty expensive. It is not a cheap product."
  • "The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
  • "I didn't think the price was that great, but it wasn't that bad, either. I'd rate their pricing as average in the market."
  • "We are using the open-source version for the scans."
  • "Cost-wise, it's similar to Veracode, but I don't know the exact cost."
  • "The pricing is acceptable, especially for enterprises. I don't think it's too much of a concern for our customers. Something like $99 per user is reasonable when the stakes are high."
  • "The price of the solution is expensive compared to other solutions."

    • More Snyk Pricing and Cost Advice →

  • "The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
  • "The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
  • "The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
  • "I wish the pricing was more transparent."

    • More Wiz Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Container Security solutions are best for your needs.
    See Recommendations
    687,256 professionals have used our research since 2012.
    Questions from the Community
    How does Snyk compare with SonarQube?
    Top Answer:Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you are… more »
    What do you like most about Snyk?
    Top Answer:It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall.
    Read all 16 answers   →
    What needs improvement with Snyk?
    Top Answer:We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the… more »
    Read all 16 answers   →
    How would you compare Wiz vs Lacework?
    Top Answer:Wiz and Lacework sucks... Buy Orca. 
    What do you like most about Wiz?
    Top Answer:The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to… more »
    Read all 3 answers   →
    What is your experience regarding pricing and costs for Wiz?
    Top Answer:The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing… more »
    Read all 3 answers   →
    Ranking
    2nd
    out of 31 in Container Security
    Views
    35,843
    Comparisons
    26,458
    Reviews
    10
    Average Words per Review
    562
    Rating
    7.9
    8th
    out of 31 in Container Security
    Views
    9,229
    Comparisons
    6,885
    Reviews
    2
    Average Words per Review
    1,601
    Rating
    8.5
    Comparisons
    SonarQube logo
    SonarQube vs. Snyk
    Compared 27% of the time.
    Black Duck logo
    Black Duck vs. Snyk
    Compared 11% of the time.
    Mend logo
    Mend vs. Snyk
    Compared 6% of the time.
    Checkmarx logo
    Checkmarx vs. Snyk
    Compared 5% of the time.
    More Snyk Competitors   →
    + Add more products to compare
    Orca Security logo
    Orca Security vs. Wiz
    Compared 30% of the time.
    Lacework logo
    Lacework vs. Wiz
    Compared 12% of the time.
    Microsoft Defender for Cloud logo
    Microsoft Defender for Cloud vs. Wiz
    Compared 6% of the time.
    Aqua Security logo
    Aqua Security vs. Wiz
    Compared 3% of the time.
    More Wiz Competitors   →
    + Add more products to compare
    Learn More
    Snyk
    Wiz
    Overview

    Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.

    Benefits of Snyk

    Some of the benefits of using Snyk include:

    • Conserves resources: Snyk easily integrates with other security solutions and uses their security features to ensure that the work that users are doing is completely secure. These integrations allow them to protect themselves without pulling resources from their continued integration or continued delivery workflows. Resources can be conserved for areas of the greatest need.
    • Highly flexible: Snyk enables users to customize the system’s security automation features to meet their needs. Users can guarantee that the automation performs the functions that are most essential for their current project. Additionally, users are able to maintain platform governance consistency across their system.
    • Keeps users ahead of emerging threats. Snyk employs a database of threats that help it detect and keep track of potential issues. This database is constantly being updated to reflect the changes that take place in the realm of cybersecurity. It also uses machine learning. Users are prepared to deal with new issues as they arise.
    • Automatically scans projects for threats. Snyk’s command-line interface enables users to schedule the solution to run automatic scans of their projects. Time and manpower can be conserved for the areas of greatest need without sacrificing security.

    Reviews from Real Users

    Snyk is a security platform for developers that stands out among its competitors for a number of reasons. Two major ones are its ability to integrate with other security solutions and important insights that it can enable users to discover. Snyk enables users to combine its already existing security features with those of other solutions to create far more robust and flexible layers of security than what it can supply on its own. It gives users the ability to dig into the security issues that they may experience. Users are given a clear view of the root causes of these problems. This equips them to address the problem and prevent similar issues in the future.

    Cameron G., a security software engineer at a tech company, writes, “The most valuable features are their GitLab and JIRA integrations.The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.”

    Sean M., the chief information security officer of a technology vendor, writes, "From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

    Wiz is reinventing cloud security from the inside out.

    We’re on a mission to help organizations effectively reduce risks in their Cloud and Kubernetes environments. Purpose-built for the unique complexities of multi-environment, multi-workload, and multi-project cloud estates, Wiz automatically correlates the critical risk factors to deliver actionable insights that don't waste time.

    Wiz connects in minutes using a 100% API-based approach that scans both platform configurations and inside every workload. Our full security stack context surfaces the toxic combinations that show the attackers’ view to a breach. Security and development teams use Wiz workflows to proactively remove risks and prevent them from becoming breaches.

    Get a demo | Wiz

    Offer
    Learn more about Snyk
    Learn More
    Learn more about Wiz
    Learn More
    Sample Customers
    StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
    Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
    Top Industries
    REVIEWERS
    Financial Services Firm20%
    Computer Software Company20%
    Individual & Family Service10%
    Comms Service Provider10%
    VISITORS READING REVIEWS
    Computer Software Company19%
    Financial Services Firm12%
    Comms Service Provider7%
    Insurance Company6%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Financial Services Firm14%
    Manufacturing Company7%
    Government6%
    Company Size
    REVIEWERS
    Small Business39%
    Midsize Enterprise32%
    Large Enterprise29%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Midsize Enterprise43%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    Buyer's Guide
    Snyk vs. Wiz
    March 2023
    Free Report: Snyk vs. Wiz
    Find out what your peers are saying about Snyk vs. Wiz and other solutions. Updated: March 2023.
    DOWNLOAD NOW
    687,256 professionals have used our research since 2012.

    Snyk is ranked 2nd in Container Security with 12 reviews while Wiz is ranked 8th in Container Security with 6 reviews. Snyk is rated 8.0, while Wiz is rated 9.2. The top reviewer of Snyk writes "Does a good analysis from the licensing and open-source perspective, but the UI, reporting, and scanning should be better". On the other hand, the top reviewer of Wiz writes "The dashboards are easy to read and visually pleasing, so you can understand everything quickly". Snyk is most compared with SonarQube, Black Duck, Mend, Checkmarx and Veracode Software Composition Analysis, whereas Wiz is most compared with Orca Security, Prisma Cloud by Palo Alto Networks, Lacework, Microsoft Defender for Cloud and Aqua Security. See our Snyk vs. Wiz report.

    See our list of best Container Security vendors.

    We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.