We performed a comparison between Aqua Security Platform and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Aqua Security Platform is highly appreciated for its ability to secure container images, identify vulnerabilities, and detect malware. Snyk is acclaimed for being developer-friendly, offering automatic pull request creation and software composition analysis. Aqua Security Platform could improve by automating reporting and log forwarding. Users also complain that it is too resource-heavy. Snyk could focus on improving compatibility and reporting capabilities. Reviewers said that Snyk could automate remediation and simplify functions.
Service and Support: Aqua Security Platform's customer service is generally considered prompt and supportive, but some users reported that they had to fix some issues themselves. Some users said Snyk's customer service should improve the way it organizes and prioritizes support tickets.
Ease of Deployment: Users reported varying levels of difficulty with Aqua's setup process, with some saying the solution required specialized knowledge. Snyk's setup was generally considered straightforward, with some variations depending on specific circumstances.
Pricing: Aqua Security Platform is moderately priced. Snyk is considered expensive, particularly for smaller companies. However, some users said the pricing was manageable for larger enterprises.
ROI: Snyk offers a budget-friendly solution that has the potential to offset annual subscription costs by addressing bugs faster. Users offered limited feedback on the ROI for Aqua Security Platform.
Comparison Results: Our users prefer Snyk over Aqua Security Platform. Users appreciate Snyk's straightforward setup and developer-friendly approach. Snyk offers valuable features like scanning, automatic pull requests, and software composition analysis.
"I like CSPM the most. It captures a lot of alerts within a short period of time. When an alert gets triggered on the cloud, it throws an alert within half an hour, which is very reasonable. It is a plus point for us."
"Cloud Native Security is user-friendly. Everything in the Cloud Native Security tool is straightforward, including detections, integration, reporting, etc. They are constantly improving their UI by adding plugins and other features."
"The offensive security feature is valuable because it publicly detects the offensive and vulnerable things present in our domain or applications. It checks any applications with public access. Some of the applications give public access to certain files or are present over a particular domain. It detects and lets us know with evidence. That is quite good. It is protecting our infrastructure quite well."
"The agentless vulnerability scanning is great."
"The mean time to detect has been reduced."
"It's positively affected the communication between cloud security, application developers, and AppSec teams."
"PingSafe's integration is smooth. They are highly customer-oriented, and the integration went well for us."
"PingSafe offers comprehensive security posture management."
"Support is very helpful."
"The container security element of this product has been very valuable to our organization."
"The DTA, which stands for Dynamic Threat Analysis, allows me to analyze Docker images in a sandbox environment before deployment, helping me anticipate risks."
"Aqua Security allowed us to gain visibility into the vulnerabilities that were present in the container images, that were being rolled out, the amount of risk that we were introducing to the platform, and provided us a look into the container environment by introducing access control mechanisms. In addition, when it came to runtime-level policies, we could restrict container access to resources in our environment, such as network-level or other application-level access."
"The most helpful feature of Aqua Security is Drift Prevention, which is a feature that allows images to be immutable. In addition, one of the main reasons we went with Aqua Security is because it provides strong protection when it comes to runtime security."
"The most valuable features are that it's easy to use and manage."
"The most valuable feature of Aqua Security is the scanner."
"The most valuable feature is the security."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"Static code analysis is one of the best features of the solution."
"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."
"Our customers find container scans most valuable. They are always talking about it."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"We are getting reports only in a predefined form. I would like to have customized reports so that I can see how many issues are open or closed today or in two weeks."
"Their search feature could be better."
"PingSafe is an excellent CSPM tool, but the CWPP features need to improve, and there is a scope for more application security posture management features. There aren't many ASPM solutions on the market, and existing ones are costly. I would like to see PingSafe develop into a single pane of glass for ASPM, CSPM, and CWPP. Another feature I'd like to see is runtime protection."
"Some of the navigation and some aspects of the portal may be a little bit confusing."
"It would be really helpful if the solution improves its agent deployment process."
"We wanted it to provide us with something like Claroty Hub in AWS for lateral movement. For example, if an EC2 instance or a virtual machine is compromised in a public subnet based on a particular vulnerability, such as Log4j, we want it to not be able to reach some of our databases. This kind of feature is not supported in PingSafe."
"I want PingSafe to integrate additional third-party resources. For example, PingSafe is compatible with Azure and AWS, but Azure AD isn't integrated with AWS. If PingSafe had that ability, it would enrich the data because how users interact with our AWS environment is crucial. All the identity-related features require improvement."
"Sometimes I got stressed with the UI."
"It's a bit hard to use the user roles. That was a bit confusing."
"The user interface could be improved, especially in terms of organization and clarity."
"I would like Aqua Security to look into is the development of a web security portal."
"There's room for improvement, particularly in management capabilities as it may not be comprehensive enough for all customers, and it has been lacking in the realm of cloud security posture management."
"Since we are working from home, we would like to have the proper training for Aqua."
"Aqua Security could improve the forwarding of logging into Splunk and into other tools, it should be easier."
"The integrations on CICD could be improved. If Aqua had more plugins or container images to integrate and automate more easily on CICD, it would be better."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"The tool's initial use is complex."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
Aqua Cloud Security Platform is ranked 7th in Container Security with 16 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Aqua Cloud Security Platform is rated 8.0, while Snyk is rated 8.2. The top reviewer of Aqua Cloud Security Platform writes "Reliable with good container scanning and a straightforward setup". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Aqua Cloud Security Platform is most compared with Prisma Cloud by Palo Alto Networks, Wiz, Red Hat Advanced Cluster Security for Kubernetes, SUSE NeuVector and Sysdig Secure, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and GitLab. See our Aqua Cloud Security Platform vs. Snyk report.
See our list of best Container Security vendors and best DevSecOps vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
