    Snyk: Developer Security Platform

    Sold by: Snyk 
    Snyk is a developer security platform that enables application and cloud developers to secure their whole application, finding and fixing vulnerabilities from their first lines of code to their running cloud. Snyk partners closely with AWS to provide a security platform that helps developers scan applications for vulnerabilities in code, open source dependencies, containers and IaC configurations, accelerating their app modernization and migration to the cloud - securely. Built on a comprehensive, proprietary vulnerability database, Snyk's solution provides tight integration into existing developer workflows, source control (including Bitbucket, GitLab, GitHub) tooling, CI/CD pipelines, registries and even Kubernetes clusters in order to meet developers wherever they work and help drastically reduce mean-time-to-fix.
    Overview


    Application Security: Snyk is an essential application security technology because it provides end-to-end monitoring and mitigation steps that integrate into developers' existing workflows.

    Snyk solutions include:

    Snyk Code: A developer-first SAST tool aimed at making fixes easy and efficient

    Snyk Open Source: A software composition analysis (SCA) tool that uncovers and prioritizes open source vulnerabilities

    Snyk Container: A tool that helps secure containers from base image to runtime

    Snyk IaC: A tool that helps developers write secure IaC configurations

    Snyk AppRisk: A solution designed to empower application security teams with the comprehensive Application Security Posture Management (ASPM) workbench they need to govern and scale their security programs, as well as minimize risk arising from applications. Snyk AppRisk is the industry's first ASPM solution that creates seamless collaboration between developer and security teams to address cybersecurity challenges, while also delivering C-suite stakeholders visibility into software supply chain risk posture and their overall AppSec program performance.

    Software Supply Chain: Snyk can help you understand and manage supply chain security, from enabling secure design to tracking dependencies to fixing vulnerabilities.

    Build an SBOM in seconds: Scan your apps to create a software bill of materials, identifying all your components and how they interact.

    Fix more security issues faster: Get remediation advice and automatically generate fix PRs right from the tools teams use.

    Cloud Security: Snyk detects cloud security issues starting right from the design phase, providing expert guidance to developers and security teams right from the tools and workflows they already use.

    Cloud security right from the start: Design, deploy, and operate securely using tools built for engineers backed by policy as code automation.

    Vuln remediation advice in real time: Get fix recommendations right from your workflows, backed by industry leading security intelligence.

    Security from code to cloud and back: Catch issues at runtime in your cloud and containers, detect infrastructure drift, and fix issues at their source.

    Secure AI-generated code as it is written: Pair AI coding tools with Snyk to ensure that code is written quickly and securely from the start, decreasing the security team's workload.

    Please reach out today for customized solutions, Enterprise tier pricing, multi-year pricing and private offers.

    Sales@Snyk.io 

    Highlights

    • Helios acquisition Turbocharges Snyk's ASPM Vision and Solutions with Customers Gaining Runtime Context. Many enterprises aspire, but struggle, to have a deep understanding of their apps from cloud-to-code, in order to get a full picture of their overall risk. In direct response, Snyk will now combine Helios' full-stack runtime data collection and insights with the power of the Snyk Developer Security Platform.
    • Snyk Team Plan: For development teams looking to build security into their development process and automate security without running into testing limits. Minimum 5 developers required per plan, up to 10 contributing developers. Starting at $25 per product/monthly, minimum 5 devs / $1,375 annually. Includes unlimited tests, license compliance, and Jira integration.
    • Enterprise Plan: Standardize developer-first security across an organization, with centralized policy governance. Includes unlimited tests per product purchased, license compliance, Jira integration, rich API, reports, custom user roles, and security policy management. Contact Snyk sales for a customized solution and Enterprise pricing.


    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

    Pricing

    Snyk: Developer Security Platform

    Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

    12-month contract (2)

    Dimension | Description | Cost/12 months
    Application Security Bundle QTY 10 | Includes Snyk Open Source, Code and Container QTY 10 | $12,100.00
    Supply Chain Bundle QTY 20 | Snyk Open Source + container for 20 contributing developers | $12,350.00

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA).

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information


    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.


    Support

    Vendor support

    Standard Support: As part of any Snyk plan, we offer live sessions, on-demand videos, downloadable content, hands-on practice and other self-serve resources designed to help you quickly and successfully derive value throughout your security journey with Snyk. Find all of this content in the Snyk User Hub: https://snyk.io/user-hub/

    Submit a ticket:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.


    Accolades

    Top 10 in Application Development
    Top 10 in Continuous Integration and Continuous Delivery
    Top 25 in Agile Lifecycle Management


    Overview

    AI generated from product descriptions
    Vulnerability Scanning: Scan applications for vulnerabilities in code, open source dependencies, containers and IaC configurations
    Vulnerability Remediation: Provide remediation advice and automatically generate fix pull requests right from the tools teams use
    Software Composition Analysis: Uncover and prioritize open source vulnerabilities
    Infrastructure as Code Security: Help developers write secure IaC configurations
    Application Security Posture Management: Empower application security teams with a comprehensive workbench to govern and scale their security programs, and minimize risk arising from applications
    Universal Artifact Management: Supports over 30 natively supported package and file types, including ML models and generic repositories.
    Comprehensive Security: Provides an enterprise-grade security solution integrated across the entire software development lifecycle, eliminating tool sprawl and alert fatigue. Includes contextual analysis, vulnerability prioritization, anti-tampering mechanisms, and signed provenance to ensure best practices and compliance.
    Secure Distribution: Enables fast, secure distribution of verified, multi-repository release bundles to sync large-scale geo-distributed teams and accelerate deployments to any target: on-premises, cloud, or connected devices.
    Traceability: Provides full traceability to any type of release and deployment environment, including ML models, software that runs on the edge, and software deployed in production data centers.
    Scalability: Offers a massively scalable, hybrid platform on AWS that is flexible and integrated with all the software package technologies and tools comprising the modern software supply chain.
    Unified DevOps Platform: Integrate DevOps and Security capabilities to enable continuous delivery of software.
    AI-Powered Analytics: Generate predictive insights that provide the intelligence to make smarter investments.
    Enterprise Connectivity: Connect to existing processes, applications and infrastructure to propel innovation that finds new market opportunities.
    Agile Planning: An industry-leading enterprise agile planning solution that drives consistency and efficiency by scaling agile practices across all levels, from teams to the entire product portfolio.
    Application Security: Build secure software as part of your DevSecOps practice by inserting protections as part of your build. These new protections prevent bad actors from tampering with or reverse-engineering your applications, thus preventing your applications from becoming attack vectors for back-office breaches, credential theft, cryptojacking, script injection, keylogging, or IP theft.


    Customer reviews

    0 AWS reviews | 120 external reviews
    External reviews are sourced from G2 and are not included in the star rating for this product.
    Computer & Network Security

    Bad Customer support, Lots of bugs and a non-working product

    Reviewed on Aug 21, 2024
    Review provided by G2
    What do you like best about the product?
    Integrate with most major code repos, but the integration is not amazing.
    What do you dislike about the product?
    Customer support is slow to respond, usually not helpful and ended up escalating to a developer, that's when we lost all contact and did not get a solution to a clear bug that prevents us from using the product.
    Another really important note around SBOM: the CLI does not provide all the information that you get from the UI, and the solution provided was to use another tool to extract data. Not sure why we pay for a product if we need to use outside, 3rd party tools to get the information we need.
    What problems is the product solving and how is that benefiting you?
    Security scanning, SBOM.
    Nitish U.

    Very Good SAST tool to begin with

    Reviewed on Aug 19, 2024
    Review provided by G2
    What do you like best about the product?
    Integration with both Bitbucket and GitHub, policy as a code
    What do you dislike about the product?
    Too much unnecessary false positives, policy overrides, hard and complex to manage and track alerts
    What problems is the product solving and how is that benefiting you?
    Help in reducing efforts on Manual VAPT, helps in identifying multiple vuln in a single package thus reduces effort to mitigate vuln with minimum number of upgrades and patches
    Information Technology and Services

    Very helpful and feature rich tool

    Reviewed on Jul 13, 2024
    Review provided by G2
    What do you like best about the product?
    Great integration with version control tools like Github and Bitbucket
    What do you dislike about the product?
    Initially when using Snyk it was a bit confusing, but since then they have improved all the UX and features.
    What problems is the product solving and how is that benefiting you?
    Using Snyk as our primary security tool offers us a lot of benefits from SAST to vulnerability scanning.
    Ryan C.

    Very quick to find security issues with code bases

    Reviewed on Mar 20, 2024
    Review provided by G2
    What do you like best about the product?
    I think it is so easy to use. I like that it includes solutions to the issues I have, it can quickly scan a codebase and will constantly scan it. We had no issues including it into our code base.
    What do you dislike about the product?
    The solutions sometimes overlap and don't coincide. Another issue I could say would be pricing.
    What problems is the product solving and how is that benefiting you?
    We have had some security issues in the code base we never would have realized without it.
    Import and Export

    Great vulnerability scanning tool

    Reviewed on Feb 03, 2024
    Review provided by G2
    What do you like best about the product?
    -Easy integration available for GitHub
    -Vulnerabilities false positive rate is slightly better than other tools
    -Can be easily integrated within CI/CD pipeline.
    -Automatic code scanning and report generation available
    -Works with almost all languages
    -Very straightforward to use
    What do you dislike about the product?
    -Sometimes vulnerability reported are false positive and also rarely misses some of the genuine vulnerabilities.
    What problems is the product solving and how is that benefiting you?
    Snyk is a part of the CI/CD pipeline and performs static code scanning and basic sanity check of the code as a first level of testing. Snyk also provides remediation which is very useful. It has built in support for GitHub so we leverage Snyk to perform regular scans on our codebase.