The most valuable features are their GitLab and JIRA integrations.
The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up.
Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using. Snyk is something of a bridge that we use; we get our projects into it and then get the information out of it. Those two integrations are crucial for us to be able to do that pretty simply.
The ease of use for developers, on a scale of one to 10, is about an eight. The main feature of the reporting on the vulnerabilities and the information that you get from that are really easy to go through and use and interact with, whether it's pushing it to JIRA or ignoring certain vulnerabilities if you're not at risk. There are a couple of parts that, once you get into the settings a little bit more, are a little confusing and tricky. That's why it's not a nine or a 10, but the main features are pretty well done and easy to use.
The solution's ability to help developers find and fix vulnerabilities is pretty fast. The scanning for all of our various code bases could probably be done in under five minutes. It gives pretty clear information to developers, right away, about what we are vulnerable to and what we will be vulnerable to. Even if a fix or a patch is not out yet for a certain vulnerability, it will still give us that information. It also tells us what versioning, specifically, we need to upgrade to, which helps us determine the best upgrade path for ourselves, because sometimes our projects that are a little bit restricted as far as versioning goes.