TrustRadius

Lacework vs. Snyk

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Lacework
Score 7.1 out of 10
N/A
Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.N/A
Snyk
Score 8.1 out of 10
N/A
Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to cloud, driving developer productivity, revenue growth, customer satisfaction, cost savings and an improved security posture. The vendor states Snyk is used by 1,200 customers worldwide today, including…
$0
Pricing
LaceworkSnyk
Editions & Modules
No answers on this topic
Free
$0
Team (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$23
per month per user
Business (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$42
per month per user
Team (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$98
per month per user
Business (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$178
per month per user
Enterprise
Contact Sales
Offerings
Pricing Offerings
LaceworkSnyk
Free Trial
NoYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional DetailsPricing is dependent on the number of developers selected, the number of products selected, and the payment term selected. Please visit the Snyk plans page for an interactive pricing calculator.
More Pricing Information
Community Pulse
LaceworkSnyk
User Ratings
LaceworkSnyk
Likelihood to Recommend
7.1
(0 ratings)
8.0
(0 ratings)
User Testimonials
LaceworkSnyk
Likelihood to Recommend
Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good.
DS
Dan Soble
VP Engineering
Read full review
1) SAST Code Scan 2) Infra Code Scan 3) Docker Image Scan 4) SAS solution and provides good integration with various SCMS
MS
Manas Singh
IT Architect
Read full review
Pros
  • The detailed visibility of all our container across multiple accounts is great.
  • Anomaly-based detection allows us to focus our efforts and time on other events. Integrations with Jira, Slack, etc. are very easy to set up.
  • The lacework team is very helpful before and during purchase.
Verified User
Anonymous
Read full review
  • Integration in CI/CD pipeline.
  • Periodic reporting is also an option.
  • Clear separation of issues/categories.
  • Insightful reasoning for issue and suggested solutions.
Verified User
Anonymous
Read full review
Cons
  • Not all runtime behaviour alerts offer enough data to decide whether or not something is malicious. Having even more data (e.g., what process is doing a specific action) would help.
Verified User
Anonymous
Read full review
  • Setting up is complex and when not do no properly provides too many false positives.
  • We use another tool in parallel because it does not cover all of our languages especially for older code that is in mixed languages.
  • Integrating it with bitbucket was not straight forward.
AC
Alex Campos
Head of Engineering
Read full review
Usability
No answers on this topic
Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity.


Reports include fix recommendations, pull request suggestions, and links to remediation advice.
Verified User
Anonymous
Read full review
Alternatives Considered
Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions.
Verified User
Anonymous
Read full review
Developer-Centric Design


Snyk integrates seamlessly into the dev workflow (IDEs, Git, CI/CD).


Tools like Veracode/Fortify are security team-centric, with less developer engagement.


Unlike WhiteSource or Sonatype, Snyk has a faster learning curve and actionable fixes.
Verified User
Anonymous
Read full review
Return on Investment
  • Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future.
Richard Russell | TrustRadius Reviewer
Richard Russell
Director of Information Security & IT Infrastructure
Read full review
  • The API is extensive enough for many integration options.
  • API keys are rotated on a non-preferred time schedule. There's no way to configure this.
  • We had a great experience with the support team and success managers while setting up the product and onboarding projects into the tool
Verified User
Anonymous
Read full review
ScreenShots