17 years helping Canadian businesses
choose better software
About Snyk
Snyk's Developer Security Platform puts security expertise in the toolbox of every developer.
We can identify security vulnerabilities during the development and fix them. Its easy to use, and the depth at which the scans are performed to find the vulnalerabities is great.
I look forward to more information on vulnerability resolution in the platform.
Filter reviews (17)
Usage
Sort by
Filter reviews (17)
Security Sorted
Comments: So far our company has adopted Snyk across our SDLC and incorporated it into our repos and pipelines and have enjoyed our experience with using Snyk so far.
Pros:
Snyk simplifies security. It can scan your for vulnerabilities during development or when your run a pipeline in azure dev ops. This raises issues before they make it to production so you have the comfort of knowing that new and existing packages have no known security vulnerabilities. I also really like the ability to one click fix issues within Synk where it can automatically fix the issue and create a PR within azure devops - this simplifies the process and saves time.
Cons:
Not all issues have a 1 click fix which is understandable.
A necessary and reliable companion in the fight for security
Comments: Snyk is allowing us to make good use of the wealth of great open source software out there, without compromising on security.
Pros:
As a long time fan of open source software, keeping track of security issues amidst an ever growing software stack was increasingly an impossible task. I was so grateful to find a service like Snyk that does the hard work for me - keeping an eye on any security issues so I can focus on building great software!
Cons:
The pricing structure gets extremely expensive for medium to large companies, but thankfully for smaller organisations there is a free tier which covers our needs.
Good SCA
Pros:
Nice component analysis tool, great interface and dashboards. Very fast and easy deployment and use.
Cons:
SAST component is very weak and don’t support increment scanning.
Best tool for addressing the concerns of using open source libraries.
Comments: When I started using Snyk I found the reports useful but still too easy to ignore. So I added Snyk to build pipelines to fail builds that included high risk vulnerabilities. Snyk is now even better and warns me before I even merge my pull requests. In a world where the time from vulnerability being announced to exploit being used is decreasing rapidly it is crazy not to use a service like this. Snyk is by far the best tool I have found in this area
Pros:
Objective reports on vulnerabilities in code we produce GitHub Integration
Cons:
Having open source builds count towards your paid count if you are not careful
One of the best vulnerability scanning tools around
Pros:
Have been using Snyk for around 1 year now and it's one of the tool which we can't avoid though it annoys us now and then by finding new vulnerabilities in our packages and forcing us to mitigate the risk. They provide details of the vulnerability and in most cases the version to fix it. It integrates very well with the build pipelines and other CI/CD tools along with a nice IntelliJ plugin.
Cons:
Sometimes the UI is confusing and access management is a bit vague.
A must have for all node.js dev
Comments: Has delivered value from the day I started using it. I hope you will enjoy it too.
Pros:
Concise reporting and the vulnerability scan is excellent regarding categorization of issues.
Cons:
Nothing really. It is excellent as it is.
A good easy to use security tool
Comments: We were looking to have a quick method of checking for vulnerabilities in open source, Snyc fir that bill perfectly. It was fast to set up and the cost was quite low. A great tool.
Pros:
I liked the easy of setting the tool up. I did not have to spend a lot of time configuring this tool.
Cons:
The user interface can be a bit short on details. When I go to use it, there are really just a few items that say "everything is fine".
Snyc guards open source
Comments: Snyc guards our Node.js projects in our Medical applications
Pros:
Active scan for malicious software. Freeware model for small businesses with single project. Nice dashboard and nice CLI for SSH access.
Cons:
The cheapest paid plan should cost a bit less
Your security agent
Comments: Overall, the plugin is pretty handy to get started with but I would like to see smarter analysis.
Pros:
The automated repository analysis is pretty good and can be easy to plug into your PR (pull request) validator
Cons:
The security analysis is very primitive and often flags false positive which has to be fixed with manual override or skipping the PR validation check
Very useful tools
Comments: As a beta stage startup I appreciate the free offering and expect Snyk usage to grow with our business.
Pros:
Snyk was easy to setup and use. The weekly reports are a great way to regularly check in on overall package health. The alerts on new vulnerabilities are very useful and enable us to respond to important issues rapidly.
Cons:
No problems using the tool so far. I look forward to more information on vulnerability resolution in the platform.
Reviews on Snyk
Pros:
We can identify security vulnerabilities during the development and fix them. Its easy to use, and the depth at which the scans are performed to find the vulnalerabities is great.
Cons:
Nothing as much, but the pricing is expensive.
Works well
Comments: Helpful tool that integrates seamlessly and works as advertised.
Pros:
Snyk is easy to use, provides clear feeback, integrates well into GitHub
Cons:
Doesn't always update its results the fastest
be the Snykiest
Comments: i enjoyed using snyk so not bad
Pros:
it gave me really useful code to add to mine in really creative ways I didn't think about before using it
Cons:
your barely get any suggestions till you start typing, i feel this takes a lot of creativity out. just my opinion
Convenience and piece of mind
Pros:
It took only seconds to set up, yet works for my projects every day. Knowing what my venerabilities are during the development phase allows the evaluation of the concern prior to code ever seeing production
Cons:
I wish it had a way to automatically inform the creators in the chain of dependencies so we as developers did not have to.
Great service
Comments: Helps me keep on top of the dependent packages that my software relies on and motivates me to help in open source software with issue reporting or making PRs if I can.
Pros:
Informative email messages when vulnerabilities are found in dependencies. Very clear explanations. I also appreciate the email newsletters.
Cons:
So far nothing. It seems to fit my use-case really well.
Must have for UI development
Pros:
Quick results for vulnerabilities scanning
Cons:
I did not like the user interface. You should provide some dashboard
Testing Snyc
Pros:
It is fast at making the fixes it explains thing well
Cons:
that I don't understand if the changes will break my code