We performed a comparison between Snyk and Tenable Vulnerability Management based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The most valuable feature of Snyk is the software composition analysis."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"The CLI feature is quite useful because it gives us a lot of flexibility in what we want to do. If you use the UI, all the information is there and you can see what Snyk is showing you, but there is nothing else that you can change. However, when you use the CLI, then you can use commands and can get the output or response back from Snyk. You can also take advantage of that output in a different way. For the same reason, we have been using the CLI for the hard gate in the pipeline: Obtain a particular CDSS score for vulnerability. Based on that information, we can then decide if we want to block or allow the build. We have more flexibility if we use the CLI."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The solution has great features and is quite stable."
"Snyk is a good and scalable tool."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area."
"It is pretty stable. I would rate it nine or maybe ten."
"The initial setup is not complex."
"One of the most valuable features of Tenable.io Vulnerability Management is its exportability, which allows us to conduct risk assessments efficiently."
"Tenable.io, in particular, is quite a powerful product. It looks at your traditional environment, which is pretty much anything that is on-premises, and it also goes a step ahead and covers your modern assets, which is anything that is currently sitting in the cloud. You get complete visibility of your entire environment and tech operation. The ability to give you visibility across the entire tech surface is one of the biggest advantages that Tenable.io has."
"The interface is fine."
"The most valuable feature for me is container scanning because I am interested in CICD security."
"Technical support has been good. They respond quite quickly."
"The initial setup is very straightforward."
"The solution's integration with JFrog Artifactory could be improved."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity."
"The solution's reporting and storage could be improved."
"The one drawback that we have found is the reports."
"An area of improvement for this solution is being able to customize the dashboard. For example, the dashboard does not allow us to view a previous months vulnerability results alongside current results to make comparisons."
"The solution must provide penetration testing."
"The only drawback of the solution is that it is expensive."
"The UI has room for improvement."
"I would like the solution to cover the whole cycle of mitigation since it's an area where the solution currently lacks."
"Users get confused between VPR and CVSS ratings."
"The pricing of the solution could be more reasonable."
More Tenable Vulnerability Management Pricing and Cost Advice →
Snyk is ranked 4th in Application Security Tools with 21 reviews while Tenable Vulnerability Management is ranked 2nd in Vulnerability Management with 28 reviews. Snyk is rated 8.2, while Tenable Vulnerability Management is rated 8.2. The top reviewer of Snyk writes "A cost-effective solution that makes scanning your repositories a cinch". On the other hand, the top reviewer of Tenable Vulnerability Management writes "Though it is scalable and has an easy setup phase in place, the solution is an expensive one ". Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security, whereas Tenable Vulnerability Management is most compared with Tenable Security Center, Tenable Nessus, Qualys VMDR, Microsoft Defender Vulnerability Management and Armis.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.