We performed a comparison between Snyk and Tenable Security Center based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."What is valuable about Snyk is its simplicity."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"Snyk is a good and scalable tool."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The most valuable feature of Snyk is the software composition analysis."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"Tenable.sc's best features are the availability model, accident management, and scoring."
"The most valuable features in Tenable SC are scanning and analysis."
"Feature-wise, Tenable Security Center is a very fast tool with many dashboards and reports, and it covers all our systems."
"The initial setup process is simple."
"Tenable's most valuable features are the credential scan, vulnerability reports, and vulnerability ratings (VPR)."
"What is useful to me is being able to fulfill very customized scanning policies. In the clinical environment, because of vendor control, we can't perform credential-vulnerability scanning. And network scans, which I've done before, can cause a lot of impact. Being able to create very customized policies to be able to routinely scan and audit our clinical networks, while simultaneously not causing impact, is important to us."
"One of the most valuable features is their distributed scan model for allotting engines to work together as a pool and handle multiple scans at once, across multiple environments. Automatic scanning distribution is a distinguishing feature of their toolset."
"Has a great advanced scanning feature."
"The feature for automatic fixing of security breaches could be improved."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"The tool's initial use is complex."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"The solution's integration with JFrog Artifactory could be improved."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"Though the solution's technical support is responsive, they do take a lot of time, making it one of the solution's shortcomings that needs improvement."
"The web application scanning area can be improved."
"Tenable's reporting engine needs improvement. It needs to be more efficient and add more features."
"Security can always be improved."
"The product should provide risk-based vulnerability management."
"Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection."
"The solution needs to improve the vulnerability assessment because we have experienced some challenges with accuracy."
"The solution should provide better web application features and support."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Security Center is ranked 1st in Risk-Based Vulnerability Management with 48 reviews. Snyk is rated 8.2, while Tenable Security Center is rated 8.2. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Security Center writes "A security solution for vulnerability assessment with automated scans". Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security, whereas Tenable Security Center is most compared with Tenable Vulnerability Management, Qualys VMDR, Tenable Nessus, Rapid7 InsightVM and Horizon3.ai.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.