We performed a comparison between Snyk and Tenable Vulnerability Management based on real PeerSpot user reviews.
"The most valuable feature of Snyk is the SBOM."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"The most valuable feature of Snyk is the software composition analysis."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"Snyk is a developer-friendly product."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"The ease of use in terms of scanning assets is valuable."
"The vulnerability management itself is the most valuable feature as well as references to the mitigation techniques."
"The most valuable feature for me is container scanning because I am interested in CI/CD security."
"The initial setup is straightforward so long as your infrastructure, components, and networks are in place."
"I would rate Tenable's dashboards and reporting capabilities for illustrating security posture a nine out of ten, with ten being the best."
"The solution is very simple to use."
"It is a very, very user-friendly tool... The setup is easy."
"It is pretty stable. I would rate it nine or maybe ten."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"The feature for automatic fixing of security breaches could be improved."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"I'm not satisfied with the reporting structure."
"More flexibility is required compared to other solutions."
"They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition."
"The solution seems to focus too much on enterprises, and they really need a product that works for SMBs."
"Another area of improvement is customer service and support. Tenable needs to include support in the pricing/license. Currently, they push clients to get support from partners or channel distributors, who often charge a lot."
"An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous month's vulnerability results alongside current results to make comparisons."
"The one drawback that we have found is the reports."
"It's not a user-friendly tool since it has a complicated interface."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Vulnerability Management is ranked 2nd in Vulnerability Management with 39 reviews. Snyk is rated 8.2, while Tenable Vulnerability Management is rated 8.2. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Vulnerability Management writes "Discovers vulnerabilities and integrates well with other solutions". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable Vulnerability Management is most compared with Tenable Security Center, Tenable Nessus, Qualys VMDR, Amazon Inspector and Armis.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.