Sold by: Snyk
Deployed on AWS
The Snyk Runtime Sensor enables teams to better manage & prioritize application risk. Insights collected by the Snyk Runtime Sensor are incorporated into Snyk AppRisk - the developer-first ASPM platform designed to help AppSec teams better build, manage and scale their developer-first AppSec program with Snyk.
4.4
Overview
The Snyk Runtime Sensor is deployed as a Kubernetes DaemonSet. Leveraging eBPF, it extracts information about application behavior in runtime into Snyk AppRisk - the developer-first ASPM platform - to improve visibility into application risk and drive more efficient remediation and prioritization workflows.
Highlights
- Provides intelligence on applications in runtime to facilitate enhanced application discovery and improved vulnerability prioritization in Snyk AppRisk.
- Collects various runtime risk factors such as deployed images, loaded packages, etc.
- Supported in the following environments: * Kubernetes 1.19 or newer * Privileged access - either root, or the following Linux capabilities: BPF, PERFMON, SYS_RESOURCES, DAC_READ_SEARCH, SYS_PTRACE, NET_ADMIN * Cluster nodes must support BTF * Language support - Go, Java (8+), .NET (2.0.9+), Node.js (10+), Python (3.6+)
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Snyk Runtime Sensor Helm Chart
Snyk Runtime Sensor Add-on
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Free product - no refund policy in place.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Snyk Runtime Sensor Add-on
Supported services: Learn more
- Amazon EKS
EKS add-on
An add-on is software that provides supporting operational capabilities to Kubernetes applications but isn't specific to the application. This includes software like observability agents or Kubernetes drivers that allow the cluster to interact with underlying AWS resources for networking, compute, and storage. Add-on software is typically built and maintained by the Kubernetes community, cloud providers like AWS, or third-party vendors. Amazon EKS add-ons provide installation and management of a curated set of add-ons for Amazon EKS clusters. All Amazon EKS add-ons include the latest security patches and bug fixes, and are validated by AWS to work with Amazon EKS. Amazon EKS add-ons allow you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do to install, configure, and update add-ons.
Version release notes
Performance enhancements
Additional details
Usage instructions
Obtain your Snyk Group ID and service account token and follow these steps: https://docs.snyk.io/integrate-with-snyk/snyk-runtime-sensor#aws-eks-deployment
Support
Vendor support
Snyk: Developer Security Platform Standard Support: Self-serve resources designed to help you quickly and successfully derive value throughout your security journey with Snyk. As part of any Snyk plan, we offer live sessions, on-demand videos, downloadable content, hands-on practice and other self-serve resources designed to help you quickly and successfully derive value throughout your security journey with Snyk. Find all of this content in the Snyk User Hub. https://snyk.io/user-hub/ Submit a ticket:
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Snyk is a developer security platform that enables application and cloud developers to secure their whole application, finding and fixing vulnerabilities from their first lines of code to their running cloud.
Secure-by-design AI code generation agent for enterprises. Enforce security policies, verify outputs, and auto-remediate vulnerabilities before code reaches your repos.
Build fast with the world's leading artifact repository manager.
The only platform to give you end-to-end visibility, security, and control
for automating delivery of trusted releases.
Customer reviews
Manseerat K.
Effortless Vulnerability Detection, But Licensing Needs Attention
Reviewed on Mar 18, 2026
Review provided by G2
What do you like best about the product?
I like that Snyk easily runs scans and even provides the versions in which vulnerabilities are fixed. This feature is valuable because it helps me identify security risks or bad implementations in my code changes without having to test and update my code and dependencies manually. I also appreciate the easy setup process; the extension for Snyk is available in Visual Studio Code, and after downloading it, I just needed to sign up and authenticate my project.
What do you dislike about the product?
I've seen that Snyk does not do that well with the vulnerabilities that are related to licensing.
What problems is the product solving and how is that benefiting you?
I use Snyk to find open source vulnerabilities, ensuring my code is secure. It helps identify vulnerabilities in third-party projects like Spring Boot and Tomcat. I like how easily it runs scans and shows fixed versions, saving testing time and improving my product's standard.
KannanPadmanabhan
Automated security checks have blocked critical code issues and protect daily banking releases
Reviewed on Feb 26, 2026
Review provided by PeerSpot
What is our primary use case?
We are a customer of Snyk , which is a SaaS solution. We are one of the tenants using Snyk services but are not doing any enhancement development. We are purely a customer availing Snyk services.
We are also using a separate DAST tool, though I am not aware of the tool name as it is managed by a different team.
We utilize two main capabilities: application vulnerability detection and SCA capabilities. The primary reason we use Snyk is for SAST , as we want to scan our applications for any security vulnerabilities and address them.
What is most valuable?
Snyk is finding all the issues we have. It suggests solutions for every vulnerability, and we are getting patches frequently. As someone from an enterprise, I want to share feedback that might help others. There are multiple teams involved in our organization. We have a separate cyber team that works with Snyk and keeps on updating, though I am not fully aware of all the details in that area.
What needs improvement?
I have not explored from that perspective. Being from an application perspective, I cannot say anything that needs real improvement. I have not explored from that angle. Till now, we did not face any scaling issues and I did not hear of any. I would rate this at 9 because I always keep one number in reserve, as there is always scope for improvement for any tool.
For how long have I used the solution?
We have been using Snyk for more than a year.
What do I think about the scalability of the solution?
Till now, we did not face any scaling issues and I did not hear of any. I would rate this at 9 because I always keep one number in reserve, as there is always scope for improvement for any tool.
How are customer service and support?
We do not raise issues directly with Snyk. We have a common team that liaises with Snyk. Whenever we have issues, we raise them with the cybersecurity team within our company who supports Snyk, and they in turn interact with Snyk.
Which solution did I use previously and why did I switch?
Earlier, I used Checkmarx, which is another SAST tool. By default, any company and any SAST tool like Checkmarx or Snyk provides a plugin.
What about the implementation team?
Snyk is integrated. I have not used it directly, though I may have used it indirectly.
What other advice do I have?
I am from an enterprise and want to share feedback that might help others. There are multiple teams involved in our organization. I am from the application team, so I know the vulnerabilities and how to fix them. However, there is a platform team that takes care of giving permission for Snyk and access levels, which I am not fully aware of. At a high level, we have a Snyk admin team in our company that gives permissions, though I do not know all the details of what they do. I cannot share feedback on the admin area, but I can share that vulnerability-wise, I am happy with what Snyk provides and the solutions it gives.
When Snyk identifies issues, our pull request process will not allow us to merge them in the first place. Snyk helps us by blocking critical issues and vulnerabilities. If someone bypassed the pull request check, we have another check in place before production release where we validate everything and block the code if it violates our standards. Based on Snyk categorization, we block issues from our end while raising a pull request and also before releasing to production.
We need Snyk because we are in the banking industry with thousands of applications. Every day, we deploy code to production, releasing almost every day except weekends, though we sometimes release on weekends for very large deployments. Anything that goes to production should not have any security vulnerabilities. Being in the banking industry and having applications used by end customers, we are dealing with end customer data. No one should steal data in any format, and with authentication, one user cannot see another user's data. Snyk is paramount and extremely important for us. Every application that goes into production must pass Snyk vulnerability scanning before it can be deployed. If you ask whether it is important, it is absolutely critical. I would rate it 10 out of 10.
Internally, whenever a Snyk scan runs, we have created GitHub Actions . Our target state is GitHub Actions everywhere. When we run the GitHub Actions, it will connect to the latest Snyk scanning through API and automatically gets all open issues, then creates a GitHub issue. First, our internal tool pulls out all Snyk security issues through the API and creates GitHub issues. We manually open a GitHub issue and give a command prompt to our AI agent. That prompt internally might work with Snyk autofix capability and gets the fixes correctly and creates a pull request. We review and check in the pull request, which is reviewed by experienced team members. This is the process we follow: create an issue based on a Snyk scan and for every issue, run a prompt so that it creates a pull request automatically with the fixes.
We do use Snyk documentation. We internally do not have many resources because we do not want to duplicate. Snyk guide is purely open and not logged in, so we use it.
Snyk documentation is extremely useful. Vulnerability-wise, I do not go to Snyk documentation frequently because in the current world, with my 25 plus years of experience, I used to fix many things manually before these tools existed. I need to know the intricacies of how to fix code. If you take 10 years back, there were tools and libraries which you could integrate with one or two lines, which solved the problem. With the current AI world, I do not even need that. If I get some issues, I do not even need to go to the Snyk website and read how to fix. I have an AI tool that can fix it if I ask it to. From an engineer's perspective, I still read the documentation. As a person who came from the manual world 25 years back, I still read the fix documentation. The documentation is very good, and being a general one, I understand the SAST world, so I did not find much problem with the documentation.
We are using Snyk, which is a SAST tool. There is a team in our organization who developed some AI agent on top of Snyk capabilities. I do not know exactly how they integrated Snyk, but our organization provides an AI agent which, if we run, automatically fixes issues and raises a pull request. In that case, we are indirectly using Snyk.
My overall rating for Snyk is 10 out of 10.
Computer & Network Security
Extensive Vulnerability Detection and Seamless CI/CD Integration
Reviewed on Dec 18, 2025
Review provided by G2
What do you like best about the product?
Snyk has an extensive and up-to-date vulnerability database which helps early detection of vulnerabilities in applications. It is very developer friendly with easy integration set-up and descriptive remediation advice for detected vulnerabilities. I use it daily running in CI/CD pipelines.
What do you dislike about the product?
Sometimes it flags false positives. Scans can take a few minutes for a medium sized repository which can slow down pipeline.
What problems is the product solving and how is that benefiting you?
Snyk scans repositories for security vulnerabilities in code and also its dependencies. Catches the vulnerabilities early before deploying to codebase.
Media Production
Intuitive, Customizable, and Seamless Integration with Snyk
Reviewed on Dec 16, 2025
Review provided by G2
What do you like best about the product?
Snyk's product features a highly intuitive GUI, making it straightforward to identify and address vulnerabilities. The platform allows you to organize developers into Orgs, which is helpful for ensuring that only specific development teams can view the vulnerabilities related to their own products. This structure also enhances the reporting capabilities. Integration with GitHub Cloud is relatively simple; you can use a GitHub app to onboard individual repositories to team orgs. Implementation is also quite manageable, provided you know which teams are responsible for which repositories and the products or services they support. Customer support is accessible online through the portal, making it easy to submit a ticket or arrange a call when needed. Snyk is fairly customisable per org too, allowing you to decide which settings you want to enable on a per team / product basis, so you can get quite granular in terms of what PR's get raised for which activities. Feedback is also provided in GitHub itself, which is useful for the developers.
What do you dislike about the product?
It's DAST product is in a seperate interface and not integrated into the Snyk product itself, I beleive this was due to it being an acquisition. Equally, their secret detection capability is not very good and they don't focus on code quality so you will need a different product for that.
What problems is the product solving and how is that benefiting you?
It's supporting us with integrating security into the development lifecycle, and moving towards shifting left, to try to enable developers to fix security issues before they release issues into their products / services.
Information Technology and Services
Accurate, Beginner-Friendly SAST Tool with CI/CD Integration
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
What I appreciate most about Snyk is its "Reachability" feature. This means that if a vulnerable or exploitable library or package is imported in the code but not actually called or used, it is identified as a false positive and does not require remediation. However, this feature is only available in the paid subscription, not in the free version. It significantly reduces the time the VAPT team spends validating issues, and also helps the DevOps team address problems more efficiently.
Another aspect I value is how quickly Snyk adapts to new CVEs. If a zero-day exploit appears, Snyk updates its CVE database within a maximum of 24 hours, helping to keep the code secure.
Another aspect I value is how quickly Snyk adapts to new CVEs. If a zero-day exploit appears, Snyk updates its CVE database within a maximum of 24 hours, helping to keep the code secure.
What do you dislike about the product?
After some months of project being imported, scanned, and tested, snyk starts providing false-positives issues as well.
What problems is the product solving and how is that benefiting you?
Snyk scans the code for the latest bugs and issues, offers remediation steps, and keeps its CVE database up to date. The entire process is automated and does not require any human intervention. Scans are scheduled daily, and Snyk sends notifications, generates alerts via email, provides remediation guidance, and can even create Jira tickets for clients. By establishing its own ecosystem, Snyk is helping to reduce the workload of the VAPT team when it comes to SAST tasks. This has been a direct benefit for me and my team, allowing us to focus more on DAST operations.