We performed a comparison between Snyk and SUSE NeuVector based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, broad feature set, and seamless integration with other tools. SUSE NeuVector is praised for its wide range of features, informative user interface, ISO certification checks, and automation capabilities. Reviewers say Snyk should improve its vulnerability database and reporting mechanism. SUSE NeuVector needs to expand scanning support and work on monitoring, reporting, and integration.
Service and Support: Snyk customers say support could improve the way they organize and prioritize assistance. SUSE NeuVector's support is praised for being supportive, prompt, and well-informed, although a few reviewers consider the process to be complex.
Ease of Deployment: Snyk's setup is generally considered to be simple, with good support from the vendor team. SUSE NeuVector can be either easy or difficult, depending on the user. Some users find it straightforward, while others find it complex and challenging. Integrating SUSE NeuVector with pipelines is particularly difficult, often requiring the use of custom scripts.
Pricing: Snyk is regarded as pricey, but users believe the cost is justified because of the features it offers. The pricing and licensing experiences of SUSE NeuVector users vary, with some considering it affordable and others indicating a need for improvement.
ROI: Snyk offers a cost-effective way to detect vulnerabilities, and customers can realize a solid ROI by resolving bugs earlier. SUSE NeuVector provides the largest ROI for high-risk sectors such as financial services, although its benefits may be limited for some sectors, such as retail.
Comparison Results: Snyk is preferred over SUSE NeuVector. Snyk is oriented toward developers, and users appreciate the scanning feature, automatic pull request creation, and software composition analysis tools. The setup is regarded as straightforward, with the Snyk team providing exceptional support. SUSE NeuVector's setup is more intricate and demanding, often requiring custom scripts for integration with pipelines.
"We use the infrastructure as code scanning, which is good."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."
"It is advantageous in terms of time-saving and cost reduction."
"PingSafe's most valuable feature is its unified console."
"The ease of use of the platform is very nice."
"The real-time detection and response capabilities overall are great."
"The solution helped free other staff to work on other projects or other tasks. We basically just had to do a bunch of upfront configuring. With it, we do not have to spend as much time in the console."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The code scans on the source code itself were valuable."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"The UI has a lot of features."
"The features of image scanning and anti-malware are really valuable."
"When it comes to the price, we got a really good deal from the vendor instantly."
"The most valuable feature of SUSE NeuVector is its run-time security."
"The initial setup is quite good, it's straightforward."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"They could generally give us better comprehensive rules."
"The integration with Oracle has room for improvement."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"In addition to our telecom and Slack channels, it would be helpful to receive Cloud Native Security security notifications in Microsoft Teams."
"I used to work on AWS. At times, I would generate a normal bug in my system, and then I would check PingSafe. The alert used to come after about three and a half hours. It used to take that long to generate the alert about the vulnerability in my system. If a hacker attacks a system and PingSafe takes three to four hours to generate an alert, it will not be beneficial for the company. It would be helpful if we get the alert in five to ten minutes."
"They can work on policies based on different compliance standards."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"Generating reports and visibility through reports are definitely things they can do better."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"The solution's integration with JFrog Artifactory could be improved."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
"The image-scanning features need improvement."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"The documentation needs to improve a bit."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Snyk is ranked 5th in Container Security with 41 reviews while SUSE NeuVector is ranked 19th in Container Security with 7 reviews. Snyk is rated 8.2, while SUSE NeuVector is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of SUSE NeuVector writes "Good value for money; great for policy management". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas SUSE NeuVector is most compared with Prisma Cloud by Palo Alto Networks, Sysdig Falco, Aqua Cloud Security Platform, Red Hat Advanced Cluster Security for Kubernetes and CrowdStrike Falcon Cloud Security. See our SUSE NeuVector vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
