• Home
  • Snyk vs. Tenable Nessus

Snyk vs Tenable Nessus comparison

Cancel
You must select at least 2 products to compare!
Snyk Logo
Snyk
Read 41 Snyk reviews
18,759 views|13,243 comparisons
100% willing to recommend
Tenable Logo
Tenable Nessus
Read 75 Tenable Nessus reviews
11,521 views|8,491 comparisons
98% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Application Security Tools
April 2024
Executive Summary

We performed a comparison between Snyk and Tenable Nessus based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.
To learn more, read our detailed Application Security Tools Report (Updated: April 2024).
Download the complete report
770,292 professionals have used our research since 2012.
Featured Review
Anonymous User
A stable and affordable solution that offers exceptional technical support to its users
Snyk is a strong security solution that helps customers analyze static code and improve their security and code in their main application.
Bryan Evans
Useful vulnerability detection, highly scalable, and good support
Tenable Nessus allows us to keep up on fixing the vulnerabilities that are either being exploited in the wild or the ones that we find most critical.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now.""I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST.""Our customers find container scans most valuable. They are always talking about it.""Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue.""Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first.""There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best.""It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones.""The solution has great features and is quite stable."

More Snyk Pros →

"Nessus is good at finding out what nodes you have in place. It will then provide you a report, by node, of what the vulnerabilities are. It does it quickly and stealthfully.""The most valuable feature of Tenable Nessus is the self-updating engine.""Its initial setup was simple and straightforward.""The solution is the most dynamic one I have seen thus far.""Tenable Nessus is one of the best vulnerability assessment tools, that I know.""The vulnerability scanner is the most valuable feature.""The scanning capabilities are most valuable when compared to Nessus.""The reports are pretty nice and easy to understand."

More Tenable Nessus Pros →

Cons
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front.""The solution's integration with JFrog Artifactory could be improved.""Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this.""We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good.""The feature for automatic fixing of security breaches could be improved.""The tool's initial use is complex.""The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production.""The log export function could be easier when shipping logs to other platforms such as Splunk."

More Snyk Cons →

"We would like to have the option of using the solution for the cloud as well as on-premises with the same license at the same time. That would be very helpful.""The report for counters is too simple and would be improved by a dashboard.""The professional version is not very scalable.""Lacks some penetration testing-related services.""It would be better if they had application-level support for mobile devices. They don't have anything to scan mobile devices. Tenable Nessus doesn't have a mobile application vulnerability assessment. I also have issues with the false positive rates. The product has limited features.""Online learning could be a bit better.""Consumes more system resources when it's running.""I would like to see an improvement in the ranking of high, medium and low vulnerability."

More Tenable Nessus Cons →

Pricing and Cost Advice
  • "It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
  • "We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
  • "You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
  • "Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
  • "The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
  • "It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
  • "With Snyk, you get what you pay for. It is not a cheap solution, but you get a comprehensiveness and level of coverage that is very good. The dollars in the security budget only go so far. If I can maximize my value and be able to have some funds left over for other initiatives, I want to do that. That is what drives me to continue to say, "What's out there in the market? Snyk's expensive, but it's good. Is there something as good, but more affordable?" Ultimately, I find we could go cheaper, but we would lose the completeness of vision or scope. I am not willing to do that because Snyk does provide a pretty important benefit for us."
  • "Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."

    • More Snyk Pricing and Cost Advice →

  • "The pricing is much more manageable versus other products."
  • "The price of Tenable Nessus is much more competitive versus other solutions on the market."
  • "I think the price is fairly affordable. It provides a license that is fair."
  • "Nowadays, your vulnerability applications are going to be kind of pricey because lots of them, including Rapid7, are based upon a base price, but then they add in the nodes. That's where they get you. If you're a big network, obviously, you need to scan everything. Therefore, it's going to be costly. The risk and insurance money associated with having ransomware on my networks is going to cost me more money, time, and marketing than the price of the tool. That's why I'm speaking only as an information security officer to security operations. This is the tool that is there in my toolbox to say whether we vulnerable or not. At this point, I don't care about how much it costs my company to have it because if I wasn't able to report it and we got ransomware, then who cares? I'm probably going to be out of business because it happened. That's why I don't care about the price. I have it, and I could use it effectively and do my report. At the end of the day, even if we get ransomware, as long as I reported it, followed my protocol, and put in the change, irrespective of whether it was ignored or denied, I did my job."
  • "We pay approximately $2,500 on a yearly basis."
  • "We have a subscription, the licensing fees are paid yearly, and I am using the latest version."
  • "We incurred a single cost for a perpetual license, although I cannot comment on the price as this is above my management level."
  • "The price is reasonable."

    • More Tenable Nessus Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    770,292 professionals have used our research since 2012.
    Questions from the Community
    How does Snyk compare with SonarQube?
    Top Answer:Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you are… more »
    What do you like most about Snyk?
    Top Answer:The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities.
    Read all 39 answers   →
    What needs improvement with Snyk?
    Top Answer:I don't use Snyk anymore. The tool is just used in our company, but not by me anymore. It is important that the solution has the ability to match up with the OWASP Top 10 list, especially considering… more »
    Read all 39 answers   →
    How would you choose between Rapid7 InsightVM and Tenable Nessus?
    Top Answer:You have full visibility across cloud, network, virtual, and containerized infrastructures with Rapid7 Insight VM. You can easily prioritize vulnerabilities using attacker analytics. Overall, Rapid7… more »
    Read all 2 answers   →
    What's the difference between Tenable Nessus and Tenable.io Vulnerability...
    Top Answer: Tenable Nessus is a vulnerability assessment solution that is both easy to deploy and easy to manage. The design of the program is such that if a company should desire to handle the installation… more »
    Read all 2 answers   →
    What do you like most about Tenable Nessus?
    Top Answer:We have around 500 virtual machines. Therefore, we conduct monthly scans and open tickets for our developers to address identified vulnerabilities. These scans cover the servers, other network… more »
    Read all 53 answers   →
    Ranking
    4th
    out of 74 in Application Security Tools
    Views
    18,759
    Comparisons
    13,243
    Reviews
    18
    Average Words per Review
    550
    Rating
    7.9
    3rd
    out of 111 in Vulnerability Management
    Views
    11,521
    Comparisons
    8,491
    Reviews
    29
    Average Words per Review
    429
    Rating
    8.4
    Comparisons
    Learn More
    Snyk
    Tenable
    Overview

    Snyk is a user-friendly security solution that enables users to safely develop and use open source code. Users can create automatic scans that allow them to keep a close eye on their code and prevent bad actors from exploiting vulnerabilities. This enables users to find and remove vulnerabilities soon after they appear.

    Benefits of Snyk

    Some of the benefits of using Snyk include:

    • Conserves resources: Snyk easily integrates with other security solutions and uses their security features to ensure that the work that users are doing is completely secure. These integrations allow them to protect themselves without pulling resources from their continued integration or continued delivery workflows. Resources can be conserved for areas of the greatest need.
    • Highly flexible: Snyk enables users to customize the system’s security automation features to meet their needs. Users can guarantee that the automation performs the functions that are most essential for their current project. Additionally, users are able to maintain platform governance consistency across their system.
    • Keeps users ahead of emerging threats. Snyk employs a database of threats that help it detect and keep track of potential issues. This database is constantly being updated to reflect the changes that take place in the realm of cybersecurity. It also uses machine learning. Users are prepared to deal with new issues as they arise.
    • Automatically scans projects for threats. Snyk’s command-line interface enables users to schedule the solution to run automatic scans of their projects. Time and manpower can be conserved for the areas of greatest need without sacrificing security.

    Reviews from Real Users

    Snyk is a security platform for developers that stands out among its competitors for a number of reasons. Two major ones are its ability to integrate with other security solutions and important insights that it can enable users to discover. Snyk enables users to combine its already existing security features with those of other solutions to create far more robust and flexible layers of security than what it can supply on its own. It gives users the ability to dig into the security issues that they may experience. Users are given a clear view of the root causes of these problems. This equips them to address the problem and prevent similar issues in the future.

    Cameron G., a security software engineer at a tech company, writes, “The most valuable features are their GitLab and JIRA integrations.The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.”

    Sean M., the chief information security officer of a technology vendor, writes, "From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."

    Tenable Nessus is a vulnerability management solution that aims to empower organizations to be aware of threats that both they and their customers face. It is the most deployed scanner in the vulnerability management industry. Organizations that use this product have access to the largest continuously updated global library of vulnerability and configuration checks. They can stay ahead of threats that Tenable Nessus’s competitors may be unable to spot. Additionally, Tenable Nessus supports a greater number of technologies than its competitors.

    Tenable Nessus Benefits

    Some of the ways that organizations can benefit by deploying Tenable Nessus include:

    • Ease of use. Tenable Nessus is designed with security administrators in mind. It is built so that users can manipulate it intuitively without having to undergo special systems training. Users can create security policies with the greatest level of ease and can initiate scans of their entire networks with only a few clicks.
    • Support and resources. Tenable Nessus has both a support system of clarification resources and technical support for users to rely on. The solution has a resource center that contains guides and tips that can clarify things that confuse users and can aid them in gaining the maximum level of value. Additionally, users can reach out to Tenable Nessus’s technical support team, which is available around the clock and is reachable via a number of methods. This makes it simple for users to get help if they need it.
    • Reduction of threat vectors. Tenable Nessus provides users with the ability to reduce the number of potential threat vectors that a hacker can exploit. It enables users to find where the vulnerabilities in their networks are so their security won’t be compromised. They can then quickly address those weak points and head off issues before any have the chance to arise.

    Tenable Nessus Features

    • Report customization. Tenable Nessus enables users to customize the security reports that their system produces. They are able to set Tenable Nessus to generate reports that contain the information that is most relevant to their business objectives. Users can also utilize these report customization capabilities to customize the formats of their reports.
    • Vulnerability triage capability. Included in the Tenable Nessus security suite is a feature that enables users to conduct a triage of their vulnerabilities. The solution can apply one of five ratings to vulnerabilities that it detects. This makes it possible for organizations to work on addressing issues by order of severity.
    • Scaling. Tenable Nessus can scale to meet an organization’s needs by migrating the network that it is connected to, to other Tenable solutions. Users can scale up their systems as their security demands increase. It is capable of reaching hundreds of thousands of systems.

    Reviews from Real Users

    Tenable Nessus is a solution that stands out when compared to many of its competitors. Two major advantages it offers are its ease of use and its vulnerability scanning feature.

    Rallis F., the principal security architect at a technology vendor, writes, “The ease of use is the primary valuable feature. This specific version is very straightforward. I like the ability to modify it and configure it based on the different policies.”

    Sandip D., a cyber security expert at Birlasoft India Ltd, writes, “The vulnerability scanner is the most valuable feature. It's an important feature for us. We use the plugin output for that. It shows us the exact version of Nessus and what is needed for remediation. Based on that, we decide what should be remediated first to get the best result for security.”

    Sample Customers
    StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
    Bitbrains, Tesla, Just Eat, Crosskey Banking Solutions, Covenant Health, Youngstown State University
    Top Industries
    REVIEWERS
    Computer Software Company39%
    Financial Services Firm22%
    Individual & Family Service6%
    Comms Service Provider6%
    VISITORS READING REVIEWS
    Computer Software Company15%
    Financial Services Firm15%
    Manufacturing Company8%
    Insurance Company6%
    REVIEWERS
    Computer Software Company14%
    Financial Services Firm12%
    Security Firm9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Educational Organization35%
    Computer Software Company11%
    Government7%
    Financial Services Firm7%
    Company Size
    REVIEWERS
    Small Business44%
    Midsize Enterprise22%
    Large Enterprise34%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise14%
    Large Enterprise64%
    REVIEWERS
    Small Business40%
    Midsize Enterprise22%
    Large Enterprise38%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise43%
    Large Enterprise41%
    Buyer's Guide
    Application Security Tools
    April 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: April 2024.
    DOWNLOAD NOW
    770,292 professionals have used our research since 2012.

    Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Snyk is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Wiz.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.