We performed a comparison between GitHub and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"The most valuable features of GitHub are the ease of integration into Microsoft Azure DevOps. The process that you need to deploy into Microsoft Azure becomes fairly simple and the templates are already available, a lot of the engineers find it easier to use."
"The initial setup was straightforward."
"It is really simple to set up."
"If you want to share documents, you can create articles and diagrams with GitHub and share."
"I like the CI/CD features."
"Any complex banking can be handled very easily in GitHub. It allows us to integrate with tools like Grid, where we can merge and resolve conflicts without any hassle."
"I find the most valuable collaboration between our peers to be a seamless collaboration between our peers. We can connect and change our code, allowing us to be agile in our projects. Since we're talking about DevOps, we're using Jenkins in our pipeline. It helps speed up the process by automating the DevOps workflow."
"Snyk performs software composition analysis (SCA) similar to other expensive tools."
"The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area."
"Snyk helps me pinpoint security errors in my code."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"The solution has great features and is quite stable."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"I would want to see some form of code security scanning implemented."
"We would like this solution to have a more user-friendly interface."
"They're improving the work items to track the progress of the team, but in my experience, Azure DevOps is better in this functionality. GitHub needs to improve the form to track the progress of the work done by a team."
"I think it would be valuable to have more security. Some of the data is very open to everyone."
"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"The solution needs some more controls for deleting code."
"I decided not to use GitHub but developed my tool because I found it more efficient. I'm familiar with my tools, making them easier to use. I like being able to customize them to fit my workflow and the way I think.. Software development is like a personal workshop, and I tailor my version control to match my approach."
"The project management sector really needs some improvement for GitHub. I don't know if GitHub made sense for me as a project manager."
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"Snyk's API and UI features could work better in terms of speed."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"Generating reports and visibility through reports are definitely things they can do better."
"We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity."
"The tool's initial use is complex."
"The solution's integration with JFrog Artifactory could be improved."
GitHub is ranked 9th in Application Security Tools with 74 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. GitHub is rated 8.6, while Snyk is rated 8.2. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". GitHub is most compared with AWS CodeCommit, Fortify on Demand, Bitbucket, Atlassian SourceTree and Checkmarx One, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Mend.io. See our GitHub vs. Snyk report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.