We performed a comparison between ShiftLeft and Snyk based on real PeerSpot user reviews.
Find out what your peers are saying about Synopsys, Snyk, Veracode and others in Software Composition Analysis (SCA)."When it comes to ShiftLeft, the most valuable feature is definitely its ease of use and cost-effectiveness."
"The code scans on the source code itself were valuable."
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"Snyk performs software composition analysis (SCA) similar to other expensive tools."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"Having support from senior management is crucial in making it mandatory for teams to collaborate with the security team throughout the development process."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"The solution's integration with JFrog Artifactory could be improved."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"Basically the licensing costs are a little bit expensive."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
ShiftLeft is ranked 11th in Software Composition Analysis (SCA) with 1 review while Snyk is ranked 2nd in Software Composition Analysis (SCA) with 41 reviews. ShiftLeft is rated 10.0, while Snyk is rated 8.2. The top reviewer of ShiftLeft writes "Effectively in identify and fix bugs early in the development lifecycle". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". ShiftLeft is most compared with SonarQube, Black Duck and Semgrep Supply Chain, whereas Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security.
See our list of best Software Composition Analysis (SCA) vendors and best Application Security Tools vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.