We performed a comparison between Snyk and Trend Micro Deep Security based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"For day-to-day efficiency, it provides a good dashboard, so our team can be active 24/7 instead of doing a lot of manual stuff. We just look at the dashboard, and it's all done."
"The initial setup was straightforward."
"Patch management is most valuable. The major selling point of Deep Security is that it is based on the cloud. Deep Security is for the servers and databases of data centers, and generally, for patch management, you have to shut down the machines, and then you have to restart them. So, they need shutdown time, which is a cost. Big enterprises don't want to shut down their database or their data center for any kind of patch. Deep Security creates a wall and downloads all patches. You install it on the cloud. So, it saves your server from any kind of intrusion or any kind of penetration, and whenever you get a chance or time, in six, eight, or nine months, you can physically download or install all those patches in one go. So, it saves you time. It also saves your shutdown time and keeps your data center safe."
"The user interface is the most valuable feature."
"It is connected into an intelligence database and is quick to pick up new threats. It also reduces my workload with its speed and the protection that it provides."
"It helps with virtual patching and IDS fetching."
"We've found stability to be great so far."
"The initial setup was straightforward and we didn't have any problem with it."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"Snyk's API and UI features could work better in terms of speed."
"The tool's initial use is complex."
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"Compatibility with other products would be great."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
"A minor issue in Trend Micro Deep Security is that once the tool is upgraded, it shows some machines as offline or not reported while showing a recent update as outdated. The tool has some server connection issues."
"As for what could be improved, I think it should come with an XDR facility without any extra cost. They're always releasing new features, but we need to pay extra for them."
"The updates for legacy systems are not rolled out frequently."
"I would rate tech support in the range of six to eight out of 10. Time to provide solution could be improved."
"We are not very happy with Trend Micro Deep Security since it is not able to detect many viruses and bugs."
"The solution could use more integration."
"There is room for improvement with Trend Micro Deep Security, as there are instances where installations may need to be redone. There seem to be glitches when working with older Windows servers, such as those from 2003 or 2005, requiring us to uninstall and reinstall the product to resolve the issue."
"In the solution, servers often go offline for various reasons, requiring us to manually check the cause or issue, such as connectivity issues, and to find out why the agent went offline."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 80 reviews. Snyk is rated 8.2, while Trend Micro Deep Security is rated 8.6. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Trend Micro Deep Security writes "Offers excellent endpoint protection and great stability ". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Trend Micro Deep Security is most compared with Trend Micro Apex One, CrowdStrike Falcon, Microsoft Defender for Endpoint, Symantec Endpoint Security and Trellix Endpoint Security.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.