We performed a comparison between Red Hat Advanced Cluster Security for Kubernetes and Snyk based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Red Hat Advanced Cluster Security for Kubernetes is highly regarded for its exceptional resource-sharing and segmentation capabilities. Snyk earns praise for its developer-friendly approach and range of scanning features. Snyk also stands out for its software composition analysis and compatibility with containers. Red Hat Advanced Cluster Security reviewers stressed a need for better documentation. They would also like the solution to incorporate features like zero trust and access control. Users said Snyk should work on improving compatibility and enhancing their vulnerability database.
Service and Support: Red Hat has been praised for its efficient and effective technical support. Some Snyk customers said support could better organize and prioritize requests.
Ease of Deployment: Red Hat Advanced Cluster Security for Kubernetes requires users to create various customer resource files and deploy an image as a container, which is a time-consuming process that can take days or weeks to configure. Snyk's setup is simple and uncomplicated, with users reporting positive experiences and excellent support from the vendor team.
Pricing: Advanced Cluster Security for Kubernetes is moderately priced, and Red Hat offers affordable bundled pricing options. Snyk is considered expensive relative to other solutions. Users say it is better suited for larger companies or enterprises that can afford it.
ROI: Red Hat Advanced Cluster Security for Kubernetes provides extensive security features, while Snyk emphasizes cost-effective vulnerability identification.
Comparison Results: Red Hat Advanced Cluster Security for Kubernetes is preferred over Snyk. Users appreciate its comprehensive setup process, scalability, and ability to run multiple containers. It also offers a hybrid cloud approach and seamless integration with other solutions. Some users encountered difficulties integrating Snyk with existing tools.
"I am impressed with the tool's visibility."
"Segmentation is the most powerful feature."
"The technical support is good."
"Scalability-wise, I rate the solution a nine out of ten."
"I like virtualization and all those tools that come with OpenShift. I also like Advanced Cluster Management and the built-in security."
"One of the most valuable features I found was the ability of this solution to map the network and show you the communication between your containers and your different nodes."
"The benefit of working with the solution is the fact that it's very straightforward...It is a perfectly stable product since the details are very accurate."
"It is easy to install and manage."
More Red Hat Advanced Cluster Security for Kubernetes Pros →
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The most valuable feature of Snyk is the software composition analysis."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The code scans on the source code itself were valuable."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"The testing process could be improved."
"They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it."
"The initial setup is pretty complex. There's a learning curve, and its cost varies across different environments. It's difficult."
"Red Hat is somewhat expensive."
"The tool's command line and configuration are hard for us to understand and make deployment complex. It should also include zero trust, access control features and database connectivity."
"The documentation about Red Hat Advanced Cluster Security available online is very limited... So it's very limited to the documentation."
"The solution lacks features when compared to some of the competitors such as Prisma Cloud by Palo Alto Networks and has room for improvement."
"The deprecation of APIs is a concern since the deprecation of APIs will cause issues for us every time we upgrade."
More Red Hat Advanced Cluster Security for Kubernetes Cons →
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"Compatibility with other products would be great."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"The reporting mechanism of Snyk could improve. The reporting mechanism is available only on the higher level of license. Adjusting the policy of the current setup of recording this report is something that can improve. For instance, if you have a certain license, you receive a rating, and the rating of this license remains the same for any use case. No matter if you are using it internally or using it externally, you cannot make the adjustment to your use case. It will always alert as a risky license. The areas of licenses in the reporting and adjustments can be improve"
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"The solution's reporting and storage could be improved."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
More Red Hat Advanced Cluster Security for Kubernetes Pricing and Cost Advice →
Red Hat Advanced Cluster Security for Kubernetes is ranked 16th in Container Security with 10 reviews while Snyk is ranked 5th in Container Security with 41 reviews. Red Hat Advanced Cluster Security for Kubernetes is rated 8.4, while Snyk is rated 8.2. The top reviewer of Red Hat Advanced Cluster Security for Kubernetes writes "Provides network mapping feature for visualizing container communication but complex setup ". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Red Hat Advanced Cluster Security for Kubernetes is most compared with Prisma Cloud by Palo Alto Networks, Aqua Cloud Security Platform, SUSE NeuVector, CrowdStrike Falcon Cloud Security and Tenable.io Container Security, whereas Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security. See our Red Hat Advanced Cluster Security for Kubernetes vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
