Compare GitLab vs. Snyk

Cancel
You must select at least 2 products to compare!
GitLab Logo
5,575 views|4,884 comparisons
Snyk Logo
Read 14 Snyk reviews.
6,940 views|5,540 comparisons
Most Helpful Review
Find out what your peers are saying about GitLab vs. Snyk and other solutions. Updated: September 2020.
441,850 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
"The dashboard and interface make it easy to use.""We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people.""Everything is easy to configure and easy to work with.""A user friendly solution.""It speeds up our development, it's faster, safer, and more convenient."

More GitLab Pros »

"What is valuable about Snyk is its simplicity.""It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now.""Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet.""The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree.""Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there.""The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI.""It is one of the best product out there to help developers find and fix vulnerabilities quickly. When we talk about the third-party software vulnerability piece and potentially security issues, it takes the load off the user or developer. They even provide automitigation strategies and an auto-fix feature, which seem to have been adopted pretty well.""The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."

More Snyk Pros »

Cons
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc.""I would like to see static analysis also embedded in GitLab. That would also help us. If there's something that it does internally by GitLab and then that is already tied up with your pipeline and then it can tell you that you're coding is good or your code is not great. Based on that, it would pass or fail. That should be streamlined. I would think that would help to a greater extent, in terms of having one solution rather than depending on multiple vendors.""The only thing our company is really waiting on in terms of features is the development of metrics.""Reporting could be improved.""I would like to see better integration with project management tools such as Jira."

More GitLab Cons »

"Could include other types of security scanning and statistical analysis""There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform.""They were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer.""We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity.""Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this.""The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise.""We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading.""Generating reports and visibility through reports are definitely things they can do better."

More Snyk Cons »

Pricing and Cost Advice
"I think that we pay approximately $100 USD per month."

More GitLab Pricing and Cost Advice »

"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website.""We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon""You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it.""Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us.""The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear.""It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."

More Snyk Pricing and Cost Advice »

report
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
441,850 professionals have used our research since 2012.
Questions from the Community
Ask a question

Earn 20 points

Top Answer: What is valuable about Snyk is its simplicity.
Top Answer: The product could be improved by including other types of security scanning (e.g. SAST or DAST), which is important. It would also help to include the static analysis specifically to the open-source… more »
Top Answer: We use the product to scan our code for any vulnerable dependencies we might have. We depend on open source libraries and need to make sure they're secure. If not, we need to highlight the areas and… more »
Ranking
Views
5,575
Comparisons
4,884
Reviews
3
Average Words per Review
503
Avg. Rating
8.7
Views
6,940
Comparisons
5,540
Reviews
14
Average Words per Review
1,808
Avg. Rating
8.5
Popular Comparisons
Compared 27% of the time.
Compared 10% of the time.
Compared 7% of the time.
Compared 5% of the time.
Compared 3% of the time.
Compared 21% of the time.
Compared 19% of the time.
Compared 12% of the time.
Compared 8% of the time.
Learn
GitLab
Snyk
Overview

GitLab is a single application with features for the whole software development and operations (DevOps) lifecycle.

Snyk’s mission is to help developers use open source code and stay secure. The use of open source is booming, but security is a key concern (https://snyk.io/stateofossecurity/). Snyk’s unique developer focused product enables developers and enterprise security to continuously find & fix vulnerable dependencies without slowing down, with seamless integration into Dev & DevOps workflows. Snyk is adopted by over 100,000 developers, has multiple enterprise customers (such as Google, New Relic, ASOS and others) and is experiencing rapid growth. Our investors are Canaan Partners, BOLDStart, and several successful developer tools entrepreneurs. Snyk was founded in 2015 and is headquartered in London with offices in Israel and the US. For more information, go to https://snyk.io/.

Offer
Learn more about GitLab
Learn more about Snyk
Sample Customers
Siemens, University of Washington, Equinix, Paessler AG, CNCF, Ticketmaster, CERN, VaadinStartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Top Industries
VISITORS READING REVIEWS
Computer Software Company32%
Comms Service Provider15%
Government7%
Media Company6%
VISITORS READING REVIEWS
Computer Software Company39%
Comms Service Provider14%
Media Company9%
Financial Services Firm5%
Find out what your peers are saying about GitLab vs. Snyk and other solutions. Updated: September 2020.
441,850 professionals have used our research since 2012.
GitLab is ranked 5th in Software Composition Analysis (SCA) with 5 reviews while Snyk is ranked 2nd in Software Composition Analysis (SCA) with 14 reviews. GitLab is rated 8.6, while Snyk is rated 8.6. The top reviewer of GitLab writes "Provides or mandates quantitative code into the Master". On the other hand, the top reviewer of Snyk writes "Helps Avoid The Pain And The Cost Of Trying To Retrofit Security in your Code". GitLab is most compared with Microsoft Azure DevOps, Tekton, TeamCity, Bamboo and Harness, whereas Snyk is most compared with WhiteSource, Black Duck , SonarQube, JFrog Xray and Prisma Cloud by Palo Alto Networks. See our GitLab vs. Snyk report.

See our list of best Software Composition Analysis (SCA) vendors.

We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.