We performed a comparison between Tenable.io Container Security and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Tenable.io Container Security excels at identifying weaknesses and misconfigurations. Snyk is commended for its scanning features and ability to generate pull requests and resolve problems automatically. Tenable.io Container Security could its auto-remediation, asset visibility, and compliance system customization. Snyk could work on improving compatibility while expanding its vulnerability database and enhancing its reporting mechanism.
Service and Support: Users say Tenable.io support is hindered by technical challenges. Some users said they value Snyk's proactive approach and the abundance of resources they provide, while others said that Snyk should rethink how their support team organizes and prioritizes requests.
Ease of Deployment: Both products are relatively easy to set up with good support from their respective teams.The setup process for Tenable.io Container Security is made easier by solid documentation. Tenable.io takes around one or two weeks to deploy on average, while Snyk's implementation process can take a couple of days or a few weeks. Integrating Snyk with different repositories or CI/CD systems is generally considered to be simple, although some users reported challenges.
Pricing: Tenable.io Container Security's cost is determined by the application's page count. Snyk's pricing is viewed as costly compared to alternative options. Nevertheless, but many users said that Snyk's pricing is justifiable for businesses, as it includes integrated features and avoids additional expenses.
ROI: Tenable.io Container Security yields an ROI by enhancing container security and averting security incidents. Snyk emphasizes economical bug resolution early in the development process, possibly resulting in a significant return on investment.
Comparison Results: Tenable.io Container Security is preferred Snyk. Users appreciate its efficient setup process, extensive vulnerability detection, and ability to identify misconfiguration. Tenable.io Container Security also offers superior technical support and a customizable compliance system. Snyk lacks some of the advanced features and support options provided by Tenable.io.
"The cloud misconfiguration is the most valuable feature."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"As a frequently audited company, we value PingSafe's compliance monitoring features. They give us a report with a compliance score for how well we meet certain regulatory standards, like HIPAA. We can show our compliance as a percentage. It's also a way to show that we are serious about security."
"The most valuable feature is the ability to gain deep visibility into the workloads inside containers."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"We mostly use alerts. That has been pretty good. If we use the alert system from Amazon, it is much costlier to us, so we use PingSafe."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"Our customers find container scans most valuable. They are always talking about it."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"Nessus scanner is very effective for internal penetration testing."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"It is a scalable solution. Scalability-wise, it is a good solution."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"The strong security provided by the product in the container environment is its most valuable feature."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"One of our use cases was setting up a firewall for our endpoints, specifically for our remote users... We were hoping to utilize SentinelOne's firewall capabilities, but there were limitations on how many URLs we could implement. Because of those limitations on the number of URLs, we weren't able to utilize that feature in the way we had hoped to."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"Customized queries should be made easier to improve PingSafe."
"We've found a lot of false positives."
"Sometimes the Storyline ID is a bit wacky."
"We had a glitch in PingSafe where it fed us false positives in the past."
"We are experiencing problems with Cloud Native Security reporting."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"The tool's initial use is complex."
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
"The initial setup is highly complex."
"They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Tenable.io Container Security Pricing and Cost Advice →
Snyk is ranked 5th in Container Security with 41 reviews while Tenable.io Container Security is ranked 21st in Container Security with 7 reviews. Snyk is rated 8.2, while Tenable.io Container Security is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable.io Container Security writes "It helps you catch misconfigurations before they go into a production environment where they're harder to deal with". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable.io Container Security is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, Wiz, Trivy and Red Hat Advanced Cluster Security for Kubernetes. See our Snyk vs. Tenable.io Container Security report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.