We performed a comparison between Snyk and Tenable Vulnerability Management based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Our customers find container scans most valuable. They are always talking about it."
"I find SCA to be valuable. It can read your libraries, your license and bring the best way to resolve your problem in the best scenario."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The most valuable feature of Snyk is the SBOM."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"Snyk helps me pinpoint security errors in my code."
"We're loving some of the Kubernetes integration as well. That's really quite cool. It's still in the early days of our use of it, but it looks really exciting. In the Kubernetes world, it's very good at reporting on the areas around the configuration of your platform, rather than the things that you've pulled in. There's some good advice there that allows you to prioritize whether something is important or just worrying. That's very helpful."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The vulnerability management itself is the most valuable feature as well as references to the mitigation techniques."
"The price of Tenable.io Vulnerability Management is reasonable as it is ten times cheaper than other options."
"One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently."
"It is pretty stable. I would rate it nine or maybe ten."
"The interface is fine."
"The most valuable feature for me is container scanning because I am interested in CICD security."
"The solution provides seamlessness, a perfect UI, and identity management for office operations. We are most vulnerable to users. Therefore, it is crucial to implement the right solution to ensure proper user access and resource management."
"The solution is quite friendly."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"Could include other types of security scanning and statistical analysis"
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"More flexibility is required compared to other solutions."
"The solution’s pricing could be improved."
"They've been able to think about everything in terms of where the world is going and the type of assets that you've got. They've everything sorted out in that aspect, but you have to pay for most of the other components that they've got to give you complete visibility across your tech surface. If it already had those capabilities in-built, without having to add them on to take advantage of them, it would be a very compelling value proposition."
"The shortcoming of the solution that needs improvement is related to its capability to do vulnerability assessments on applications."
"The one drawback that we have found is the reports."
"It can have more integration."
"Tenable.io Vulnerability Management could be improved with an increased number of dashboards and MSSP integration."
"The UI has room for improvement."
More Tenable Vulnerability Management Pricing and Cost Advice →
Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Vulnerability Management is ranked 2nd in Vulnerability Management with 39 reviews. Snyk is rated 8.2, while Tenable Vulnerability Management is rated 8.2. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Vulnerability Management writes "Discovers vulnerabilities and integrates well with other solutions". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable Vulnerability Management is most compared with Tenable Security Center, Tenable Nessus, Qualys VMDR, Amazon Inspector and Armis.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.