We performed a comparison between Tenable.io Container Security and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Tenable.io Container Security excels at identifying weaknesses and misconfigurations. Snyk is commended for its scanning features and ability to generate pull requests and resolve problems automatically. Tenable.io Container Security could its auto-remediation, asset visibility, and compliance system customization. Snyk could work on improving compatibility while expanding its vulnerability database and enhancing its reporting mechanism.
Service and Support: Users say Tenable.io support is hindered by technical challenges. Some users said they value Snyk's proactive approach and the abundance of resources they provide, while others said that Snyk should rethink how their support team organizes and prioritizes requests.
Ease of Deployment: Both products are relatively easy to set up with good support from their respective teams.The setup process for Tenable.io Container Security is made easier by solid documentation. Tenable.io takes around one or two weeks to deploy on average, while Snyk's implementation process can take a couple of days or a few weeks. Integrating Snyk with different repositories or CI/CD systems is generally considered to be simple, although some users reported challenges.
Pricing: Tenable.io Container Security's cost is determined by the application's page count. Snyk's pricing is viewed as costly compared to alternative options. Nevertheless, but many users said that Snyk's pricing is justifiable for businesses, as it includes integrated features and avoids additional expenses.
ROI: Tenable.io Container Security yields an ROI by enhancing container security and averting security incidents. Snyk emphasizes economical bug resolution early in the development process, possibly resulting in a significant return on investment.
Comparison Results: Tenable.io Container Security is preferred Snyk. Users appreciate its efficient setup process, extensive vulnerability detection, and ability to identify misconfiguration. Tenable.io Container Security also offers superior technical support and a customizable compliance system. Snyk lacks some of the advanced features and support options provided by Tenable.io.
"The management console is highly intuitive to comprehend and operate."
"PingSafe offers three key features: vulnerability management notifications, cloud configuration assistance, and security scanning."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The solution is a good alerting tool."
"The UI is very good."
"The cloud misconfiguration is the most valuable feature."
"The dashboard gives me an overview of all the things happening in the product, making it one of the tool's best features."
"PingSafe has a dashboard that can detect the criticality of a particular problem, whether it falls under critical, medium, or low vulnerability."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"Snyk is a good and scalable tool."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"Nessus scanner is very effective for internal penetration testing."
"Currently, I haven't implemented the solution due to its deprecation by the site. However, I can highlight some benefits of Tenable Cloud Security, a cybersecurity solution with various features for scanning vulnerabilities in both cloud environments and on-premises container security."
"Tenable.io detects misconfiguration when you deploy a Docker or Kubernetes container. It's much better to remedy these issues during deployment instead of waiting until the container is already in the production environment."
"The tool's most valuable feature is scanning, reporting, and troubleshooting."
"It is a scalable solution. Scalability-wise, it is a good solution."
"The strong security provided by the product in the container environment is its most valuable feature."
"It helps us secure our applications from the build phase and identify the weaknesses from scratch."
"The recommended actions aren't always specific, so it might suggest recommendations that don't apply to the particular infrastructure code I'm reviewing."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"They need more experienced support personnel."
"The cost has the potential for improvement."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"The could improve their mean time to detect."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"There's an array of upcoming versions with numerous features to be incorporated into the roadmap. Customers particularly appreciate the service's emphasis on intensive security, especially the secret scanning aspect. During the proof of concept (POC) phase, the system is required to gather logs from the customer's environment. This process entails obtaining specific permissions, especially in terms of gateway access. While most permissions for POC are manageable, the need for various permissions may need improvement, especially in the context of security."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
"The initial setup is highly complex."
"The stability and setup phase of the product are areas with shortcomings where improvements are needed."
"I believe integration plays a crucial role for Tenable, particularly in terms of connecting with other products and various container solutions like Docker or Kubernetes. It seems that in future updates, enhanced integration is something I would appreciate. Currently, there is integration with Docker, but when it comes to Kubernetes or other container solutions, it appears to be a challenge, especially with on-prem scanners."
"The support is tricky to reach, so we would like better-oriented technical support enabled."
"They need to work on auto-remediation so it's easier for the security team to act quickly when certain assets or resources are deployed. The latest version has a CIS benchmark that you need to meet for containers in the cloud, but more automation is needed."
"Tenable.io Container Security should improve integration modules. It should also improve stability."
"I feel that in certain areas this product has false positives which the company should work on. They should also try to include business logic vulnerabilities in the scanner testing. Finally, the vulnerability assessment feature should be increased to other hardware devices, apart from firewalls."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Tenable.io Container Security Pricing and Cost Advice →
Snyk is ranked 5th in Container Security with 41 reviews while Tenable.io Container Security is ranked 21st in Container Security with 7 reviews. Snyk is rated 8.2, while Tenable.io Container Security is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable.io Container Security writes "It helps you catch misconfigurations before they go into a production environment where they're harder to deal with". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable.io Container Security is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, Wiz, Trivy and Red Hat Advanced Cluster Security for Kubernetes. See our Snyk vs. Tenable.io Container Security report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.