We performed a comparison between Aqua Security Platform and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Aqua Security Platform is highly appreciated for its ability to secure container images, identify vulnerabilities, and detect malware. Snyk is acclaimed for being developer-friendly, offering automatic pull request creation and software composition analysis. Aqua Security Platform could improve by automating reporting and log forwarding. Users also complain that it is too resource-heavy. Snyk could focus on improving compatibility and reporting capabilities. Reviewers said that Snyk could automate remediation and simplify functions.
Service and Support: Aqua Security Platform's customer service is generally considered prompt and supportive, but some users reported that they had to fix some issues themselves. Some users said Snyk's customer service should improve the way it organizes and prioritizes support tickets.
Ease of Deployment: Users reported varying levels of difficulty with Aqua's setup process, with some saying the solution required specialized knowledge. Snyk's setup was generally considered straightforward, with some variations depending on specific circumstances.
Pricing: Aqua Security Platform is moderately priced. Snyk is considered expensive, particularly for smaller companies. However, some users said the pricing was manageable for larger enterprises.
ROI: Snyk offers a budget-friendly solution that has the potential to offset annual subscription costs by addressing bugs faster. Users offered limited feedback on the ROI for Aqua Security Platform.
Comparison Results: Our users prefer Snyk over Aqua Security Platform. Users appreciate Snyk's straightforward setup and developer-friendly approach. Snyk offers valuable features like scanning, automatic pull requests, and software composition analysis.
"Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image."
"We use Aqua Security for the container security features."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"Support is very helpful."
"The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too."
"From what I understand, the initial setup is simple."
"Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment."
"The most helpful feature of Aqua Security is Drift Prevention, which is a feature that allows images to be immutable. In addition, one of the main reasons we went with Aqua Security is because it provides strong protection when it comes to runtime security."
"What is valuable about Snyk is its simplicity."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"The most valuable feature of Snyk is the software composition analysis."
"The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better."
"I would like Aqua Security to look into is the development of a web security portal."
"They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options."
"In the next release, Aqua Security should add the ability to automatically send reports to customers."
"It's a bit hard to use the user roles. That was a bit confusing."
"Aqua Security could improve the forwarding of logging into Splunk and into other tools, it should be easier."
"We would like to see an improvement in the overview visibility that this solution offers."
"Since we are working from home, we would like to have the proper training for Aqua."
"Compatibility with other products would be great."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities."
"The product is very expensive."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
Aqua Cloud Security Platform is ranked 7th in Container Security with 16 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Aqua Cloud Security Platform is rated 8.0, while Snyk is rated 8.2. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Red Hat Advanced Cluster Security for Kubernetes, SUSE NeuVector and Sysdig Secure, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and GitLab. See our Aqua Cloud Security Platform vs. Snyk report.
See our list of best Container Security vendors and best DevSecOps vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.