We performed a comparison between Snyk and SUSE NeuVector based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, broad feature set, and seamless integration with other tools. SUSE NeuVector is praised for its wide range of features, informative user interface, ISO certification checks, and automation capabilities. Reviewers say Snyk should improve its vulnerability database and reporting mechanism. SUSE NeuVector needs to expand scanning support and work on monitoring, reporting, and integration.
Service and Support: Snyk customers say support could improve the way they organize and prioritize assistance. SUSE NeuVector's support is praised for being supportive, prompt, and well-informed, although a few reviewers consider the process to be complex.
Ease of Deployment: Snyk's setup is generally considered to be simple, with good support from the vendor team. SUSE NeuVector can be either easy or difficult, depending on the user. Some users find it straightforward, while others find it complex and challenging. Integrating SUSE NeuVector with pipelines is particularly difficult, often requiring the use of custom scripts.
Pricing: Snyk is regarded as pricey, but users believe the cost is justified because of the features it offers. The pricing and licensing experiences of SUSE NeuVector users vary, with some considering it affordable and others indicating a need for improvement.
ROI: Snyk offers a cost-effective way to detect vulnerabilities, and customers can realize a solid ROI by resolving bugs earlier. SUSE NeuVector provides the largest ROI for high-risk sectors such as financial services, although its benefits may be limited for some sectors, such as retail.
Comparison Results: Snyk is preferred over SUSE NeuVector. Snyk is oriented toward developers, and users appreciate the scanning feature, automatic pull request creation, and software composition analysis tools. The setup is regarded as straightforward, with the Snyk team providing exceptional support. SUSE NeuVector's setup is more intricate and demanding, often requiring custom scripts for integration with pipelines.
"The most valuable features include enriched information around the vulnerabilities for better triaging, in terms of the vulnerability layer origin and vulnerability tree."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"Our customers find container scans most valuable. They are always talking about it."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"When it comes to the price, we got a really good deal from the vendor instantly."
"The initial setup is quite good, it's straightforward."
"The UI has a lot of features."
"The most valuable feature of SUSE NeuVector is the performance, deployment, and cost."
"The features of image scanning and anti-malware are really valuable."
"The most valuable feature of SUSE NeuVector is its run-time security."
"The tool's deployment is simple. Also, I am impressed with its risk capabilities."
"The feature for automatic fixing of security breaches could be improved."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"All such tools should definitely improve the signatures in their database. Snyk is pretty new to the industry. They have a pretty good knowledge base, but Veracode is on top because Veracode has been in this business for a pretty long time. They do have a pretty large database of all the findings, and the way that the correlation engine works is superb. Snyk is also pretty good, but it is not as good as Veracode in terms of maintaining a large space of all the historical data of vulnerabilities."
"The solution's reporting and storage could be improved."
"It lists projects. So, if you have a number of microservices in an enterprise, then you could have pages of findings. Developers will then spend zero time going through the pages of reports to figure out, "Is there something I need to fix?" While it may make sense to list all the projects and issues in these very long lists for completeness, Snyk could do a better job of bubbling up and grouping items, e.g., a higher level dashboard that draws attention to things that are new, the highest priority things, or things trending in the wrong direction. That would make it a lot easier. They don't quite have that yet in container security."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The product is very expensive."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"I would say that this solution should improve monitoring and reporting. I would also like to see more integrations so that we could essentially make it a part of a developing pipeline."
"The tool should offer seamless integration of other security tools while in a hybrid environment."
"SUSE NeuVector could improve by increasing its visibility into other elements of the DevSecOps pipeline. Additionally, scanning around infrastructure would be helpful."
"SUSE NeuVector should provide more security protection rules and better container image scanning."
"The documentation needs to improve a bit."
"We are also working with IaaS VMS, but NeuVector doesn't support virtual machines."
"The image-scanning features need improvement."
Snyk is ranked 5th in Container Security with 41 reviews while SUSE NeuVector is ranked 20th in Container Security with 7 reviews. Snyk is rated 8.2, while SUSE NeuVector is rated 7.8. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of SUSE NeuVector writes "Good value for money; great for policy management". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas SUSE NeuVector is most compared with Prisma Cloud by Palo Alto Networks, Red Hat Advanced Cluster Security for Kubernetes, Aqua Cloud Security Platform, Sysdig Falco and Wiz. See our SUSE NeuVector vs. Snyk report.
See our list of best Container Security vendors.
We monitor all Container Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.