We performed a comparison between Snyk and SUSE NeuVector based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, broad feature set, and seamless integration with other tools. SUSE NeuVector is praised for its wide range of features, informative user interface, ISO certification checks, and automation capabilities. Reviewers say Snyk should improve its vulnerability database and reporting mechanism. SUSE NeuVector needs to expand scanning support and work on monitoring, reporting, and integration.
Service and Support: Snyk customers say support could improve the way they organize and prioritize assistance. SUSE NeuVector's support is praised for being supportive, prompt, and well-informed, although a few reviewers consider the process to be complex.
Ease of Deployment: Snyk's setup is generally considered to be simple, with good support from the vendor team. SUSE NeuVector can be either easy or difficult, depending on the user. Some users find it straightforward, while others find it complex and challenging. Integrating SUSE NeuVector with pipelines is particularly difficult, often requiring the use of custom scripts.
Pricing: Snyk is regarded as pricey, but users believe the cost is justified because of the features it offers. The pricing and licensing experiences of SUSE NeuVector users vary, with some considering it affordable and others indicating a need for improvement.
ROI: Snyk offers a cost-effective way to detect vulnerabilities, and customers can realize a solid ROI by resolving bugs earlier. SUSE NeuVector provides the largest ROI for high-risk sectors such as financial services, although its benefits may be limited for some sectors, such as retail.
Comparison Results: Snyk is preferred over SUSE NeuVector. Snyk is oriented toward developers, and users appreciate the scanning feature, automatic pull request creation, and software composition analysis tools. The setup is regarded as straightforward, with the Snyk team providing exceptional support. SUSE NeuVector's setup is more intricate and demanding, often requiring custom scripts for integration with pipelines.
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"When creating cloud infrastructure, Cloud Native Security evaluates the cloud security parameters and how they will impact the organization's risk. It lets us know whether our security parameter conforms to international industry standards. It alerts us about anything that increases our risk, so we can address those vulnerabilities and prevent attacks."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"PingSafe offers comprehensive security posture management."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"PingSafe released a new security graph tool that helps us identify the root issue. Other tools give you a pass/fail type of profile on all misconfigurations, and those will run into the thousands. PingSafe's graphing algorithm connects various components together and tries to identify what is severe and what is not. It can correlate various vulnerabilities and datasets to test them on the back end to pinpoint the real issue."
"We like PingSafe's vulnerability assessment and management features, and its vulnerability databases."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"The most valuable feature of SUSE NeuVector is its run-time security."
"The features of image scanning and anti-malware are really valuable."
"The UI has a lot of features."
"When it comes to the price, we got a really good deal from the vendor instantly."
"The initial setup is quite good, it's straightforward."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"Maybe container runtime security could be improved."
"here is a bit of a learning curve. However, you only need two to three days to identify options and get accustomed."
"We are experiencing problems with Cloud Native Security reporting."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"Customized queries should be made easier to improve PingSafe."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"The integration with Oracle has room for improvement."
"In terms of ease of use, initially, it is a bit confusing to navigate around, but once you get used to it, it becomes easier."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"The tool's initial use is complex."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"The feature for automatic fixing of security breaches could be improved."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
"The image-scanning features need improvement."
"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
"The documentation needs to improve a bit."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Snyk is ranked 5th in Container Security with 41 reviews while SUSE NeuVector is ranked 20th in Container Security with 7 reviews. Snyk is rated 8.2, while SUSE NeuVector is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of SUSE NeuVector writes "Good value for money; great for policy management". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas SUSE NeuVector is most compared with Sysdig Falco, Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, Red Hat Advanced Cluster Security for Kubernetes and Wiz. See our SUSE NeuVector vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
