We performed a comparison between Snyk and Trend Micro Deep Security based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"Snyk categorizes the level of vulnerability into high, medium, and low, which helps organizations prioritize which issues to tackle first."
"The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area."
"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"It has a nice dashboard where I can see all the vulnerabilities and risks that they provided. I can also see the category of any risk, such as medium, high, and low. They provide the input priority-wise. The team can target the highest one first, and then they can go to medium and low ones."
"The most valuable feature of Snyk is the software composition analysis."
"Snyk is a developer-friendly product."
"It serves its purpose and works well."
"The most valuable features are web security, email filtering, and content filtering."
"You can scale the solution to different versions."
"The integration and configuration of this product in our AWS environment was good. We haven't had any problems at all."
"The most valuable feature is the virtual patching."
"Patch management is most valuable. The major selling point of Deep Security is that it is based on the cloud. Deep Security is for the servers and databases of data centers, and generally, for patch management, you have to shut down the machines, and then you have to restart them. So, they need shutdown time, which is a cost. Big enterprises don't want to shut down their database or their data center for any kind of patch. Deep Security creates a wall and downloads all patches. You install it on the cloud. So, it saves your server from any kind of intrusion or any kind of penetration, and whenever you get a chance or time, in six, eight, or nine months, you can physically download or install all those patches in one go. So, it saves you time. It also saves your shutdown time and keeps your data center safe."
"The traceback feature in XDR is amazing. You can trace back an attack. You can playback where an attack actually occurred and see how the attacker moved. We can easily show this to management, and it makes it easy to make them understand and convince them, which is the best thing."
"Their support is good. They are responsive, which is nice."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"It would be great if they can include dynamic, interactive, and run-time scanning features. Checkmarx and Veracode provide dynamic, interactive, and run-time scanning, but Snyk doesn't do that. That's the reason there is more inclination towards Veracode, Checkmarx, or AppScan. These are a few tools available in the market that do all four types of scanning: static, dynamic, interactive, and run-time."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
"The default reports provided don't provide much insight."
"The email relays and proxies could be improved."
"Their automation needs improvement."
"It needs to improve its integration with a lot of other products. This should be in the road map because we have a lot of SaaS-based appliances which are not connected with each other."
"Post-implementation is time-consuming. You have to do monitoring, and that takes time. After you set up everything, it's not a full-fledged implementation. You have to keep on monitoring and configuring."
"We want to see improved authentication."
"Sometimes the patching is a bit slow."
"There should be more tools to trace back. Some sort of module needs to be included to attach all the things. It should be more stable, and the traceback feature should be improved. There were cases when we got virtual analyzer or CMC errors. We got false-positive malware notifications, but we couldn't trace them. I raised a case with Trend Micro two or three times, but they couldn't resolve it. Their support should be improved in terms of technical abilities to troubleshoot complex issues. They should be more knowledgeable."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Trend Micro Deep Security is ranked 1st in Virtualization Security with 81 reviews. Snyk is rated 8.2, while Trend Micro Deep Security is rated 8.6. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Trend Micro Deep Security writes "High availability, effective VPM, and responsive support". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Trend Micro Deep Security is most compared with Trend Vision One Endpoint Security, CrowdStrike Falcon, Microsoft Defender for Endpoint, Symantec Endpoint Security and Trellix Endpoint Security.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.