TrustRadius Insights for Snyk are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Pros
Integration with CI/CD tools: Users appreciate Snyk's integration with CI/CD tools, finding it beneficial for their development process. Several reviewers have mentioned how this integration has improved their workflow and made it easier to incorporate security measures into their continuous integration and deployment pipelines.
Identifying and updating code to keep it secure: The ability to identify and update code to keep it secure is seen as a valuable feature by users. Many reviewers have praised Snyk for its effectiveness in pinpointing vulnerabilities in their codebase and providing guidance on how to resolve them, ensuring that their software remains secure.
Helpful in identifying issues with dependencies: Users find Snyk helpful in identifying issues with dependencies and providing upgrade pathways for resolving them. Numerous reviewers have mentioned that Snyk's dependency scanning capabilities have been instrumental in uncovering vulnerabilities and guiding them towards the necessary updates or patches.
We have been using Snyk for over 4 years now, Snyk Code in comparison to its peers gives a very precise outline of code level vulnerabilities, it has a very low false positive rate and the coverage across languages is also something which addresses a vast range of product portfolio. All in all, when compared to its peers we find Snyk Code giving a better ROI and empowers the developers in a much more positive way than others.
Pros
The Snyk Code IDE plugin is something that really works very well and brings out the true shift left story by providing very accurate findings and equally good mitigation solutions to the developers.
The fact that even at the level of enterprise the ability to collate all the snyk code information on to a common dashboard is also something which adds a lot of value.
Improve compliance & risk management
Snyk has been exceptional throughout the entire selection, on-boarding, and implementation process
Cons
The tool itself has many capabilities but using them operationally within the platform on a day to day basis for managing vulnerabilities is not a good experience.
Our company was in desparate need of a tool to help us manage vulnerabilities so we could achieve a SOC 2 assurance report without findings.
Likelihood to Recommend
Snyk Code provides detailed insights into potential security issues, helping you identify vulnerabilities in the early stage and it saves time with the IDE integration and also they have lots of integration with different SCM and it's very easy to onboard the projects and scan it on weekly basics.
VU
Verified User
Engineer in Engineering (E-Learning company, 10,001+ employees)
Snyk is an integral part of our development process. It is fully integrated into our deployment process to ensure that Snyk scans any new code to identify security issues. We trust this tool to support our effort for clean and secure code. It is sometimes verbose but almost always correct on issues it identifies or areas of concern.
Pros
Identify potential security issues.
Analyse library dependencies.
Secure code as it is written close to development.
Cons
Setting up is complex and when not do no properly provides too many false positives.
We use another tool in parallel because it does not cover all of our languages especially for older code that is in mixed languages.
Integrating it with bitbucket was not straight forward.
Likelihood to Recommend
Snyk is a good tool to give you some confidence in the quality and security of your code. There is always old code; no matter how much teams would like to get rid of it, it is not easy or cost-effective most times. Snyk struggles a bit with old monoliths and services and complex code with sometimes very old libraries.