Snyk Reviews

I am using Snyk for DevOps and security.

The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful.

The solution could improve the reports. They have been working on improving the reports but more work could be done.

I have been using Snyk for a few months.

The stability of Snyk is good.

We have not had any challenges with the scalability of Snyk.

There are good resources to answer questions when we have issues.

I have not used a testing solution prior to Snyk.

The initial setup of Snyk was easy.

The price of the solution is expensive compared to other solutions.

I would recommend people use the free tier first before they purchase.

I rate Snyk a ten out of ten.

The solution is set up in a test lab for proof of concept on the ACIA component. Our client is proposing the solution in an RFP response that will include 3,000 users when awarded. 

The solution has great features and is quite stable. 

The log export function could be easier when shipping logs to other platforms such as Splunk. 

I have been using the solution for months.

The stability is quite good. 

The solution is scalable with no issues. 

I have not needed technical support. 

The initial setup is quite straightforward and took fifteen minutes. 

We implemented the solution in-house. 

In our lab environment, the deployment strategy is to install and run with no complex operations. 

I rate the solution a nine out of ten. 

I am a reseller. We provide solutions for our customers.

It's a good product. I haven't seen any weakness.

Snyk is a developer-friendly product.

Compatibility with other products would be great.

I have not contacted technical support.

Previously, I was working with Micro Focus Fortify.

The initial setup is easy.

We have also evaluated Prisma Cloud by Palo Alto.

We tried to partner up with Snyk, but we were not successful in gaining a partnership. We are not authorized Snyk resellers.

I would rate Snyk an eight out of ten.

We use the product to scan our code for any vulnerable dependencies we might have. We depend on open source libraries and need to make sure they're secure. If not, we need to highlight the areas and replace them, update them quickly. A secondary, minor use case is to also look at licensing and make sure that we're not using open source licenses we should not be using. Those are our two use cases.

What is valuable about Snyk is its simplicity, and that's the main selling point. It's understandably also very cheap because you don't need as much account management resources to manage the relationship with the customer and that's a benefit. I also like that it's self-service, with extremely easy integration. You don't need to speak to anybody to get you off and running and they have loads of integrations with source control and cloud CI systems. They are a relatively new product so they might not have a bigger library than competitors, but it's a good product overall.

They do however have the option to install Snyk on-prem, but it is much more expensive.

The product could be improved by including other types of security scanning (e.g. SAST or DAST), which is important. It would also help to include the static analysis specifically to the open-source scanning so we could get an idea of whether a particular library is vulnerable and recognise if we're actually using the vulnerable part of it or not, they do have runtime analysis, but it is a hassle to set up.

It would be the same issue in terms of the inclusion of additional features. I think static analysis is really important. A second additional feature would be to add tags to projects, identifying an important project or assigning a project to a particular team. Custom tags would be helpful.

I've been using the product for less than a year. It's an SaaS solution, online, so we're always using the latest version. 

It's a very stable product, they are clear when a specific feature is in beta.

We have hundreds of source code repositories, and Snyk scans them in minutes (it just looks at package management files to identify the dependency tree), Snyk uses the same infrastructure to scan for all customers on the cloud which gives it lots of scalability opportunities compared to some other vendors where the software is installed on-prem or on a dedicated instance which makes the software pricy and limited (this dedicated instance will be idle most of the time, and the customer needs to pay for it).

The technical support is very good. 

Some of our products are deployed on the private cloud behind firewalls, Snyk has tools to carry out security scanning from our private repositories. 

For anyone thinking of using the product, I would suggest using cloud and SaaS providers. Generally, they are easy to work with and there's no hassle of having to talk to salespeople and arrange demos, etc. Self-service SaaS products are a good way to go when it's appropriate.

I would rate this product a nine out of 10.

The product's most valuable features are an open-source platform, remote functionality, and good pricing.

Snyk's API and UI features could work better in terms of speed. Additionally, they could optimize and provide better reports, including reports for security, technical, and developer level.

We have been using Snyk for two and a half years.

I rate the platform's stability an eight or nine out of ten. Sometimes, we encounter downtime issues, but it has quick recovery. It impacts our system and needs improvement for better outcomes during the development phase.

We have 20 to 50 Snyk users in the development team of our organization. It is a scalable product.

The technical support services are available quickly for developers. However, they should improve their speed of response for customers.

Neutral

I have used Checkmarx and some other open-source software.

The initial setup is neither difficult nor easy. However, it works slowly. It takes some weeks or months to complete the process.

The product has good pricing. 

I recommend Snyk to others and rate it a seven out of ten.

We use this product for security analysis. It enables us to analyze the development code and find the security vulnerabilities and best practices. We have around 20 developers testing this solution. I'm the senior DevOps and we are users of Snyk.

The solution is very easy to install. It provides clear information and is easy to follow. We get good feedback regarding code practices and how to fix security issues. Another benefit is that it has worked with containers for a long time and has a partnership with Docker. They have a lot of experience and good expertise in security.

I think they could improve the feature for automatic fixing of security breaches. If they had a Kubernetes coverage of vulnerabilities that would be helpful.

I've been using this solution for two months. 

The solution is stable. 

The solution is scalable. 

The technical support is good. They are very helpful and also offered us a demo.  

The initial setup is not complicated, it's just configuring the connection, and connecting to the server.

We're using the open source version for now.

I think it's worthwhile to try this product and I rate it nine out of 10. 

In my company, Snyk is useful because it provides container security and DAST.

Snyk is a strong security solution that helps customers analyze static code and improve their security and code in their main application.

DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings.

I have experience with Snyk, and it is a new solution chosen by my company. I am a reseller of the solution.

It is a stable solution. Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution an eight out of ten.

One security engineer uses Snyk in our company, but we don't use the tool for our own use cases, and we only deploy it for our customers.

I rate the technical support a ten out of ten.

Positive

Our company previously used Micro Focus for three or four months. We have worked with Checkmark for more than two or three years.

We provide Snyk to our customers. It is a very strong solution.

I rate the initial setup a ten on a scale of one to ten, where one is difficult, and ten is easy.

The solution is deployed on the cloud since it is a SaaS solution and doesn't have an on-premises version.

The deployment process for Snyk takes like a week.

For the steps in Snyk's deployment, one has to buy a license and click on the deploy icon on Snyk's website, after which it syncs up with the system.

One person is required for deployment. Even if we talk about something like container security or DAST, only one person would be required for the deployment process.

On a scale of one to ten, where one is cheap and ten is expensive, I rate the pricing a three. It is a cheap solution.

I would definitely recommend the solution to those planning to use it since it is easy to deploy and has strong features like machine learning and the ability to analyze static codes.

Overall, I rate the solution an eight out of ten.