We performed a comparison between Snyk and Trend Micro Cloud One based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, seamless integration, and ability to automatically generate pull requests. It particularly shines in software composition analysis and supports container usage. Trend Micro Cloud One is praised for its extensive range of features, strong vulnerability protection, and real-time server security. Snyk users say the solution could improve in terms of compatibility and reporting while expanding its vulnerability database. Trend Micro Cloud One should focus on providing equal support for AWS and Azure and enhance its automation capabilities.
Service and Support: Reviewers say Snyk should overhaul how it organizes and prioritizes requests. Trend Micro Cloud One was commended for its exceptional and easily accessible technical support. Users value the expertise and knowledge of the Trend Micro team.
Ease of Deployment: Most Snyk users found the setup process uncomplicated, but some needed professional guidance. Difficulties arose when collaborating with multiple developers and integrating Snyk with specific tools. Some found Trend Micro Cloud One easy to set up, while others found it complicated. It could pose challenges for individuals without a background in IT or information security. The deployment time varied depending on the complexity of the system.
Pricing: Snyk has a higher setup cost than other solutions, while Trend Micro Cloud One falls in the middle. Snyk offers a free open-source version, whereas additional services for Trend Micro Cloud One come at an added cost. The view of Trend Micro Cloud One's pricing is generally positive.
ROI: Snyk provides a budget-friendly option for detecting vulnerabilities in open-source software, which may offset yearly subscription costs. Trend Micro Cloud One offers a versatile return on investment and smooth integration without any reported issues.
Comparison Results: Snyk emerges as the favored choice compared to Trend Micro Cloud One. Users like Snyk's developer-oriented approach and valuable functionalities like automatic pull requests and software composition analysis. They also highlight its compatibility with containers and accurate identification of security vulnerabilities. Trend Micro Cloud One users want more automation and a more comprehensive feature set.
"The user interface is well-designed and easy to navigate."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"Our previous product took a lot of man hours to manage. Once we got Singularity Cloud Workload Security, it freed up our time to work on other tasks."
"PingSafe offers an intuitive user interface that lets us navigate quickly and easily."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"Cloud Native Security offers a valuable tool called an offensive search engine."
"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."
"It is very straightforward. It is not complicated. For the information that it provides, it does a pretty good job."
"The code scans on the source code itself were valuable."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"The most valuable feature of Snyk is the software composition analysis."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"The storage and computing features are valuable."
"Detection response and cloud conformity are valuable features."
"I like the conformity and workload security modules. Workload security is all about intrusion detection and prevention. Trend Vision One - Cloud Security has behavioral rules that are auto-populated based on organizational structure. That's one aspect that we liked most."
"The most valuable features are intrusion prevention and anti-malware capabilities."
"I really like Trend Vision One - Cloud Security's dashboard."
"The most valuable part of Trend Vision One - Cloud Security is its dashboard, as it's simple. It's easy to manage, and you can better control the solution."
"Trend Vision One - Cloud Security's best features are security analysis, remote access security, and driver security."
"Virtual patching is one of the key features, which is executed with their IPS."
"For vulnerabilities, they are showing CVE ID. The naming convention should be better so that it indicates the container where a vulnerability is present. Currently, they are only showing CVE ID, but the same CVE ID might be present in multiple containers. We would like to have the container name so that we can easily fix the issue."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"The alerting system of the product is an area that I look at and sometimes get confused about. I feel the alerting feature needs improvement."
"One of the issues with the product stems from the fact that it clubs different resources under one ticket."
"There is a bit of a learning curve for new users."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"There is no break-glass account feature. They should implement this as soon as possible because we can't implement SSO without a break-glass feature."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"Basically the licensing costs are a little bit expensive."
"The product is very expensive."
"The firewall configuration should have been automated based on the understanding of the application, utilities, and protocols."
"The dashboard should be a bit more intuitive."
"One area for improvement in Trend Vision One - Cloud Security is marketing; in particular, Trend Vision should update the marketing documentation. The information needs to be more comprehensive."
"Documentation on cloud architecture and job architecture would be helpful."
"Securing S3 using Trend Vision One - Cloud Security can cost too much. Trend Vision One - Cloud Security has a tool that requires lots of privileges. From my understanding, it's only for static application testing, so they need to add dynamic application testing, and there should be more collaboration with the application testing tools on the market. We have not used this product, and I don't know if they plan to decommission it or something. They should focus on application security because this tool's unique feature is multi-cloud support. However, they should improve integration with tools for these kinds of use cases, especially application security and dynamic scanning. For example, I would like it to support Dell SecureOps. I'd also like to see some enhancements to API gateway security."
"Trend Vision One - Cloud Security seems to have a preference for AWS Cloud over Azure and would be improved by focusing equally on both."
"They should provide a way for users to see violations for specific compliance."
"The licensing model could be improved. To gain full coverage, you need to spend more to buy subscriptions for each kind of service they offer. It will start to be pricey if you want full coverage."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Trend Vision One - Cloud Security Pricing and Cost Advice →
Snyk is ranked 4th in Application Security Tools with 41 reviews while Trend Vision One - Cloud Security is ranked 13th in Application Security Tools with 17 reviews. Snyk is rated 8.2, while Trend Vision One - Cloud Security is rated 8.6. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Trend Vision One - Cloud Security writes "We can quickly deploy cloud conformity, provides good visibility, and control". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Trend Vision One - Cloud Security is most compared with Microsoft Defender for Cloud, AWS GuardDuty, Check Point Harmony Email & Collaboration, Prisma Cloud by Palo Alto Networks and AWS Security Hub. See our Snyk vs. Trend Vision One - Cloud Security report.
See our list of best Application Security Tools vendors and best Container Security vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.