We performed a comparison between Aqua Security Platform and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Aqua Security Platform is highly appreciated for its ability to secure container images, identify vulnerabilities, and detect malware. Snyk is acclaimed for being developer-friendly, offering automatic pull request creation and software composition analysis. Aqua Security Platform could improve by automating reporting and log forwarding. Users also complain that it is too resource-heavy. Snyk could focus on improving compatibility and reporting capabilities. Reviewers said that Snyk could automate remediation and simplify functions.
Service and Support: Aqua Security Platform's customer service is generally considered prompt and supportive, but some users reported that they had to fix some issues themselves. Some users said Snyk's customer service should improve the way it organizes and prioritizes support tickets.
Ease of Deployment: Users reported varying levels of difficulty with Aqua's setup process, with some saying the solution required specialized knowledge. Snyk's setup was generally considered straightforward, with some variations depending on specific circumstances.
Pricing: Aqua Security Platform is moderately priced. Snyk is considered expensive, particularly for smaller companies. However, some users said the pricing was manageable for larger enterprises.
ROI: Snyk offers a budget-friendly solution that has the potential to offset annual subscription costs by addressing bugs faster. Users offered limited feedback on the ROI for Aqua Security Platform.
Comparison Results: Our users prefer Snyk over Aqua Security Platform. Users appreciate Snyk's straightforward setup and developer-friendly approach. Snyk offers valuable features like scanning, automatic pull requests, and software composition analysis.
"PingSafe provides email alerts and ranks issues based on severity, such as high, critical, etc., that help us prioritize issues."
"Cloud Native Security has helped us with our risk posture and securing our agenda. It has been tremendous in terms of supporting growth."
"Cloud Native Security helps us discover vulnerabilities in a cloud environment like open ports that allow people to attack our environment. If someone unintentionally opens a port, we are exposed. Cloud Native Security alerts us so we can remediate the problem. We can also automate it so that Cloud Native Security will fix it."
"The UI is very good."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"We like the platform and its response time. We also like that its console is user-friendly as well as modern and sleek."
"The offensive security where they do a fix is valuable. They go to a misconfiguration and provide detailed alerts on what could be there. They also provide a remediation feature where if we give the permission, they can also go and fix the issue."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"From what I understand, the initial setup is simple."
"The solution was very user-friendly."
"Support is very helpful."
"The most valuable feature of Aqua Security is the scanner."
"The CSPM product is great at securing our cloud accounts and I really like the runtime protection for containers and functions too."
"Valuable features include the ability to connect it to our Docker Hub where our images are stored, good integration with Slack, and the connection to the CV, to easily see which CVs are on each image."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"Customers find it invaluable to have the ability to check for vulnerabilities in an image before deployment, similar to a sandbox environment."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"What is valuable about Snyk is its simplicity."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The code scans on the source code itself were valuable."
"Snyk helps me pinpoint security errors in my code."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"When you find a vulnerability and resolve it, the same issue will not occur again. I want PingSafe to block the same vulnerability from appearing again. I want something like a playbook where the steps that we take to resolve an issue are repeated when that issue happens again."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"There is a bit of a learning curve for new users."
"PingSafe takes four to five hours to detect and highlight an issue, and that time should be reduced."
"Implementing single sign-on requires a pre-class account feature, which is currently not available."
"Crafting customized policies can be tricky."
"Currently, we would have to export our vulnerability report to an .xlsx file, and review it in an Excel spreadsheet, and then we sort of compile a list from there. It would be cool if there was a way to actually toggle multiple applications for review and then see those file paths on multiple users rather than only one user at a time or only one application at a time."
"In addition to the console alerts, I would like PingSafe to also send email notifications."
"It's a bit hard to use the user roles. That was a bit confusing."
"The solution could improve user-friendliness."
"Aqua Security could provide more open documentation so that their learning resources can be more easily accessed and searched through online. Right now, a lot of the documentation is closed and not available to the public."
"The user interface could be improved, especially in terms of organization and clarity."
"They want to release improvements to their product to work with other servers because now there are more focused on the Kubernetes environment. They need to improve the normal servers. I would like to have more options."
"Since we are working from home, we would like to have the proper training for Aqua."
"Sometimes I got stressed with the UI."
"We would like to see an improvement in the overview visibility that this solution offers."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"Could include other types of security scanning and statistical analysis"
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"The tool's initial use is complex."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Aqua Cloud Security Platform is ranked 7th in Container Security with 16 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Aqua Cloud Security Platform is rated 8.0, while Snyk is rated 8.2. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Red Hat Advanced Cluster Security for Kubernetes, SUSE NeuVector and Sysdig Secure, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and GitLab. See our Aqua Cloud Security Platform vs. Snyk report.
See our list of best Container Security vendors and best DevSecOps vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.