Compare Snyk vs. Veracode Software Composition Analysis
Sponsored
Use Accurics? Share your opinion.
 | Dirk Koehler Senior Director, Engineering at Zillow Group |
 | Nagaraj Sheshachalam Lead Cyber Security Engineer at Ecolab Inc. |
Find out what your peers are saying about Snyk vs. Veracode Software Composition Analysis and other solutions. Updated: March 2021.
475,208 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
Information Not Available
"It's inexpensive and easy to license. It comes in standard package sizing, which is straightforward. This information is publicly found on their website."
"We do have some missing licenses issues, especially with non-SPDX compliant one, but we expect this to be fixed soon"
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"Their licensing model is fairly robust and scalable for our needs. I believe we have reached a reasonable agreement on the licensing to enable hundreds of developers to participate in this product offering. The solution is very tailored towards developers and its licensing model works well for us."
"The price is good. Snyk had a good price compared to the competition, who had higher pricing than them. Also, their licensing and billing are clear."
"It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
"With Snyk, you get what you pay for. It is not a cheap solution, but you get a comprehensiveness and level of coverage that is very good. The dollars in the security budget only go so far. If I can maximize my value and be able to have some funds left over for other initiatives, I want to do that. That is what drives me to continue to say, "What's out there in the market? Snyk's expensive, but it's good. Is there something as good, but more affordable?" Ultimately, I find we could go cheaper, but we would lose the completeness of vision or scope. I am not willing to do that because Snyk does provide a pretty important benefit for us."
"Snyk is a premium-priced product, so it's kind of expensive. The big con that I find frustrating is when a company charges extra for single sign-on (SSO) into their SaaS app. Snyk is one of the few that I'm willing to pay that add-on charge, but generally I disqualify products that charge an extra fee to do integrated authentication to our identity provider, like Okta or some other SSO. That is a big negative. We had to pay extra for that. That little annoyance aside, it is expensive. You get a lot out of it, but you're paying for that premium."
"Without getting too specific, I'd say the average yearly cost is around $50,000. The costs include licensing and maintenance support."
"The Veracode price model is based on application profiles, which is how you package your components for scanning."
"Compared to other similar products, the licensing and pricing are definitely competitive. If you see Checkmarx as the market leader, then we are talking about Veracode being a fraction of the cost. You also have to consider your hidden costs: you need a team to maintain it, a server, and resources. From that point of view, Veracode is great because the cost is really a fraction of many competitors."
More Veracode Software Composition Analysis Pricing and Cost Advice »
Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.
475,208 professionals have used our research since 2012.
Ask a question
Earn 20 points
Top Answer: It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a… more »
Top Answer: We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even… more »
Top Answer: We have been considering Snyk in order to improve the security of our platform, in terms of Docker image security as… more »
Top Answer: There have been a lot of benefits gained from Veracode. Compared to other tools, Veracode has good flexibility with an… more »
Top Answer: Checkmarx is a very good solution and probably a better solution than Veracode, but it costs four times as much as… more »
Top Answer: The scanning could be improved, because some scans take a bit of time. Many developers have commented on the packaging… more »
Compared 19% of the time.
Compared 15% of the time.
Compared 15% of the time.
Compared 7% of the time.
Compared 3% of the time.
Compared 42% of the time.
Compared 18% of the time.
Compared 11% of the time.
Compared 8% of the time.
Compared 3% of the time.
Veracode SCA, SourceClear
At Accurics™, we envision a world where organizations can innovate in the cloud with confidence. Our mission is to enable cyber resilience through self-healing as organizations embrace cloud native infrastructure. The Accurics platform self-heals cloud native infrastructure by codifying security throughout the development lifecycle. It programmatically detects and resolves risks across Infrastructure as Code before infrastructure is provisioned, and maintains the secure posture in runtime by programmatically mitigating risks from changes. Accurics enables organizations of all sizes to achieve cloud cyber resilience through free cloud-based and open source tools such as Terrascan™.
Snyk’s mission is to help developers use open source code and stay secure. The use of open source is booming, but security is a key concern (https://snyk.io/stateofossecurity/). Snyk’s unique developer focused product enables developers and enterprise security to continuously find & fix vulnerable dependencies without slowing down, with seamless integration into Dev & DevOps workflows. Snyk is adopted by over 100,000 developers, has multiple enterprise customers (such as Google, New Relic, ASOS and others) and is experiencing rapid growth. Our investors are Canaan Partners, BOLDStart, and several successful developer tools entrepreneurs. Snyk was founded in 2015 and is headquartered in London with offices in Israel and the US. For more information, go to https://snyk.io/.
Veracode Software Composition detects open source vulnerabilities in the software development process with higher accuracy. Veracode SCA reduces false positives by prioritizing vulnerabilities in the execution path of the application. Its proprietary database contains significantly more vulnerabilities than the NVD because it datamines pull requests, bug reports, and release notes. It also looks for vulnerabilities in dependencies several layers deep. Veracode SCA is part of a comprehensive DevSecOps solution that covers multiple assessment types, enables developers, and helps organizations achieve AppSec governance.
Learn more about Accurics
Learn more about Snyk
Learn more about Veracode Software Composition Analysis
Automation Anywhere, NBA, GroundTruth, ServiceMax, Navis, Edcast
StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Blue Prism, Advantasure, Automation Anywhere, Cox Automotive
Computer Software Company27%
Comms Service Provider15%
Financial Services Firm13%
Manufacturing Company6%
Computer Software Company29%
Comms Service Provider21%
Financial Services Firm8%
Media Company7%
Computer Software Company39%
Comms Service Provider11%
Financial Services Firm8%
Retailer5%
No Data Available
Small Business29%
Midsize Enterprise41%
Large Enterprise29%
Small Business40%
Midsize Enterprise5%
Large Enterprise55%
Small Business44%
Midsize Enterprise22%
Large Enterprise33%
Find out what your peers are saying about Snyk vs. Veracode Software Composition Analysis and other solutions. Updated: March 2021.
475,208 professionals have used our research since 2012.
Snyk is ranked 2nd in Software Composition Analysis (SCA) with 16 reviews while Veracode Software Composition Analysis is ranked 7th in Software Composition Analysis (SCA) with 8 reviews. Snyk is rated 8.6, while Veracode Software Composition Analysis is rated 7.8. The top reviewer of Snyk writes "Helps Avoid The Pain And The Cost Of Trying To Retrofit Security in your Code". On the other hand, the top reviewer of Veracode Software Composition Analysis writes "Provides extensive guidance for writing secure code and pointing to vulnerable open source libraries". Snyk is most compared with WhiteSource, SonarQube, Black Duck, JFrog Xray and CoreOS Clair, whereas Veracode Software Composition Analysis is most compared with Black Duck, JFrog Xray, WhiteSource, Sonatype Nexus Lifecycle and FOSSA. See our Snyk vs. Veracode Software Composition Analysis report.
See our list of best Software Composition Analysis (SCA) vendors.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.