Overview

The Snyk Runtime Sensor is deployed as a Kubernetes DaemonSet. Leveraging eBPF, it extracts information about application behavior in runtime into Snyk AppRisk - the developer-first ASPM platform - to improve visibility into application risk and drive more efficient remediation and prioritization workflows.

Highlights

Provides intelligence on applications in runtime to facilitate enhanced application discovery and improved vulnerability prioritization in Snyk AppRisk.
Collects various runtime risk factors such as deployed images, loaded packages, etc.
Supported in the following environments: * Kubernetes 1.19 or newer * Privileged access - either root, or the following Linux capabilities: BPF, PERFMON, SYS_RESOURCES, DAC_READ_SEARCH, SYS_PTRACE, NET_ADMIN * Cluster nodes must support BTF * Language support - Go, Java (8+), .NET (2.0.9+), Node.js (10+), Python (3.6+)

Details

Sold by

Snyk

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Quick Launch

Leverage AWS CloudFormation templates to reduce the time and resources required to configure, deploy, and launch your software.

Learn more

Pricing

Snyk Runtime Sensor

Info

View purchase options

This product is free. Subscriptions have no end date and can be canceled anytime.

Vendor refund policy

Free product - no refund policy in place.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery method

Version

Delivery details

Snyk Runtime Sensor Add-on

Supported services: Learn more

Amazon EKS

EKS add-on

An add-on is software that provides supporting operational capabilities to Kubernetes applications but isn't specific to the application. This includes software like observability agents or Kubernetes drivers that allow the cluster to interact with underlying AWS resources for networking, compute, and storage. Add-on software is typically built and maintained by the Kubernetes community, cloud providers like AWS, or third-party vendors. Amazon EKS add-ons provide installation and management of a curated set of add-ons for Amazon EKS clusters. All Amazon EKS add-ons include the latest security patches and bug fixes, and are validated by AWS to work with Amazon EKS. Amazon EKS add-ons allow you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do to install, configure, and update add-ons.

Version release notes

Snyk Runtime Sensor Release version 1.32.0

Additional details

Usage instructions

Obtain your Snyk Group ID and service account token and follow these steps: https://docs.snyk.io/manage-risk/snyk-apprisk/integrations-for-snyk-apprisk/snyk-runtime-sensor

Support

Vendor support

Snyk: Developer Security Platform Standard Support: Self-serve resources designed to help you quickly and successfully derive value throughout your security journey with Snyk. As part of any Snyk plan, we offer live sessions, on-demand videos, downloadable content, hands-on practice and other self-serve resources designed to help you quickly and successfully derive value throughout your security journey with Snyk. Find all of this content in the Snyk User Hub. https://snyk.io/user-hub/ Submit a ticket:

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Snyk: Developer Security Platform

By Snyk

Snyk is a developer security platform that enables application and cloud developers to secure their whole application, finding and fixing vulnerabilities from their first lines of code to their running cloud. Snyk partners closely with AWS to provide a security platform that helps developers scan applications for vulnerabilities in code, open source dependencies, containers and IaC configurations, accelerating their app modernization and migration to the cloud - securely. Built on a comprehensive, proprietary vulnerability database, Snyk's solution provides tight integration into existing developer workflows, source control (including Bitbucket, GitLab, GitHub) tooling, CI/CD pipelines, registries and even Kubernetes clusters in order to meet developers wherever they work and help drastically reduce mean-time-to-fix.

View product

Snyk: Developer Security Platform (Free Tier)

By Snyk

Develop fast, stay secure. Snyk enables more than 2.2 million developers to find and fix vulnerabilities in their code, open source libraries, containers and configuration files.

View product

JuiceShop - OWASP Top 10 Web Applications Vulnerable App Examples

By Contrast Security

JuiceShop - OWASP Top 10 Web Applications Vulnerable App Examples

View product

VulnPY - OWASP Top 10 Example Vulnerable Web Applications

By Contrast Security

VulnPY - OWASP Top 10 Example Vulnerable Web Applications

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

120 external reviews

External reviews are sourced from G2 and are not included in the star rating for this product.

Computer & Network Security

Bad Customer support, Lots of bugs and a non-working product

Reviewed on Aug 21, 2024

Review provided by G2

What do you like best about the product?

Integrate with most major code repo's. but the integration is not amazing.

What do you dislike about the product?

Customer support is slow to respond, usually not helpful and ended up escalating to a developer, that's when we lost all contact and did not get a solution to a clear bug that prevents us from using the product.
Another really important note around SBOM, the CLI does not provide all the information that you get from the UI, the solution provided was to use another tool to extract data. not sure why we pay for a product if we need to use outside, 3rd party tools to get the information we need.

What problems is the product solving and how is that benefiting you?

Security scanning, SBOM.

Leave a comment 0 comments

Nitish U.

Very Good SAST tool to begin with

Reviewed on Aug 19, 2024

Review provided by G2

What do you like best about the product?

Integration with both Bitbucket and Github, policy as a code,

What do you dislike about the product?

Too much unnecessary false positives, policy overrides, hard and complex to manage and track alerts

What problems is the product solving and how is that benefiting you?

Help in reducing efforts on Manual VAPT, helps in identifying muliple vuln in a single package thus reduces effort to mitigate vuln with minimum number of upgrades and patches

Leave a comment 0 comments

Information Technology and Services

Very helpful and feature rich tool

Reviewed on Jul 13, 2024

Review provided by G2

What do you like best about the product?

Great integration with version control tools like Github and Bitbucket

What do you dislike about the product?

Initially when using Snyk it was a bit confusing, but since then they have improved all the UX and features.

What problems is the product solving and how is that benefiting you?

Using Snyk as our primary security tool offers us a lot of benefits from SAST to vulnerabiltiy scanning.

Leave a comment 0 comments

Ryan C.

Very quick to find security issues with code bases

Reviewed on Mar 20, 2024

Review provided by G2

What do you like best about the product?

I think it is so easy to use. I like that it includes solutions to the issues I have, it can quickly scan a codebase and will constantly scan it. We had no issues including it into our code base.

What do you dislike about the product?

The solutions sometimes overlap and don't coincide. Another issue I could say would be pricing.

What problems is the product solving and how is that benefiting you?

We have had some security issues in the code base we never would have realized without it.

Leave a comment 0 comments

Import and Export

Great vulnerability scanning tool

Reviewed on Feb 03, 2024

Review provided by G2

What do you like best about the product?

-Easy integration available for GIthub
-Vulenrabilities false positive rate is slightly better than other tools
-Can be easily integrated within CI/Cd pipline.
-Automatic code scanning and report generation available
-Works with almost all languages
-Very straightforward to use

What do you dislike about the product?

-Sometimes vulenrability reported are false positive and also rarely misses some of the genuine vulnerabilities.

What problems is the product solving and how is that benefiting you?

Snyk is a part of the CI/CD pipleline and performs static code scanning and basic sanity check of the code as a first level of testing. Snyk also provides remedition which is very useful. It has built in support for Github so we leverage snyk to perform regular scans on our codebase.

Leave a comment 0 comments

View all reviews