Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Best automated vulnerability scanner for code!
What do you like best about the product?
Reporting structure is fantastic. Ease of implementation and how fast the scanning is of the codebase.
What do you dislike about the product?
No trending in the dashboard. xxxxxxxxxx
What problems is the product solving and how is that benefiting you?
The ability to capture vulnerabilities before deployment. Gamifying the reporting between our dev teams. Seeing ROI straight away.
Recommendations to others considering the product:
If you are a Dev focused company, this is a must for security!
- Leave a Comment |
- Mark review as helpful
Snyk is a developer-focused, one-stop shop for our cloud & application security!
What do you like best about the product?
Snyk keeps on expanding its offering to cover all aspects of cloud and application security (IAC, kubernetes, containers, ...), and listens to customer input while doing that. The automation capabilities & integrations with SCMs such as Github & Gitlab greatly help to roll-out the tool for hundreds of projects.
What do you dislike about the product?
Some languages don't have all features (yet). New features are usually focused on Node.js.
What problems is the product solving and how is that benefiting you?
Snyk gives us full visibility on licensing issues, vulnerabilities & insecure cloud configurations within our repositories. The rich metadata attached to vulnerabilities allow us to focus our efforts on the most important & exploitable vulnerabilities. Since it easily integrates with our CI/CD pipelines, all developers working on a repository have instant feedback on potential vulnerabilities added in their merge requests.
The best cybersecurity solutions for modern applications
What do you like best about the product?
It's really amazing when you find a company that truly understated your needs and provide the best tools for dealing with cybersecurity with modern applications. Snyk is the best tool for cybersecurity professional to deal with the DevSecOps and the shift-left.
What do you dislike about the product?
I don't see any downsides using Snyk right now
What problems is the product solving and how is that benefiting you?
We're using snyk for dealing with open source vulnerabilities and also Snyk code for our code base vulnerabilities
Best-in-class, developer-focused security scanner
What do you like best about the product?
It is very simple to to integrate the CLI to both scan and continually monitor projects inside CI/CD pipelines and against PRs. On our Javascript, Python and Go projects, scanning is very fast and natively supports the Poetry and Yarn package managers.
The vulnerability database is very comprehensive and timely and contains a wealth of information beyond a severity score, often including PoC code, links to outstanding Github issues or PRs, HackerOne reports etc, as well as an indication of the maturity of any exploits out-in-the-wild. We have found that competing solutions tend to lag in this regard.
Snyk Advisor assists our developers when introducing new third party dependencies to go beyond popularity and consider other factors such as their license, security history and maintenance status.
The combination of the Open Source, Container and IaaC products is a very powerful combination of tools to assess security across the entire stack at the app, OS, and infra levels.
The vulnerability database is very comprehensive and timely and contains a wealth of information beyond a severity score, often including PoC code, links to outstanding Github issues or PRs, HackerOne reports etc, as well as an indication of the maturity of any exploits out-in-the-wild. We have found that competing solutions tend to lag in this regard.
Snyk Advisor assists our developers when introducing new third party dependencies to go beyond popularity and consider other factors such as their license, security history and maintenance status.
The combination of the Open Source, Container and IaaC products is a very powerful combination of tools to assess security across the entire stack at the app, OS, and infra levels.
What do you dislike about the product?
The CLI, main dashboard and reports are great, but some of the other integrations are not quite as good.
The native ECR scanner in the dashboard requires you to opt-in on a tag-basis, you can’t scan all images pushed by default without using the CLI. Snyk can automatically open PRs in Github to upgrade dependencies, but if you'd prefer to create Jira tickets that appears to be a manual process. Out-of-the-box notification support is currently limited to Slack as well.
The native ECR scanner in the dashboard requires you to opt-in on a tag-basis, you can’t scan all images pushed by default without using the CLI. Snyk can automatically open PRs in Github to upgrade dependencies, but if you'd prefer to create Jira tickets that appears to be a manual process. Out-of-the-box notification support is currently limited to Slack as well.
What problems is the product solving and how is that benefiting you?
Security is a non-negotiable part of any SDLC but we work in an industry where it is particularly paramount. Surfacing security information to our developers directly on each PR and code push allows us to shorten the feedback loop and be as proactive as possible when it comes to addressing security vulnerabilities.
Snyk also ensures we receive timely information on newly-disclosed vulnerabilities to better assess and plan mitigation work, and that we are license-compliant.
Snyk also ensures we receive timely information on newly-disclosed vulnerabilities to better assess and plan mitigation work, and that we are license-compliant.
Recommendations to others considering the product:
Consider how comprehensive and timely Snyk is in reporting vulnerabilities for your particular languages -- some may not be as comprehensive as others.
Consider whether the out-of-the-box integrations are suitable for your needs or if you will be heavily CLI-based.
Consider whether the out-of-the-box integrations are suitable for your needs or if you will be heavily CLI-based.
Security
What do you like best about the product?
Easy to use & maintain
Effective
Free for open repos
Effective
Free for open repos
What do you dislike about the product?
Pricing model
Customer support (some are really good)
Customer support (some are really good)
What problems is the product solving and how is that benefiting you?
Early security defect discovery
Easy to monitor
Easy to plan mitigation effort
Easy to monitor
Easy to plan mitigation effort
Recommendations to others considering the product:
Snyk is:
Simple to use
Cost effective
Easy to integrate
Easy to monitor
Simple to use
Cost effective
Easy to integrate
Easy to monitor
I use Snyk and maybe you should also
What do you like best about the product?
It is really easy to use. It gives good insights. It does a thorough scan. Many integrations. Responsive support team eager and available to help.
What do you dislike about the product?
It has many integrations but it can be hard to know which one to use. For example you can have it scan your repositories and you can have it scan as part of your build pipeline. I'm not sure why we decided to use the one that we did.
What problems is the product solving and how is that benefiting you?
It reports on the vulnerabilities in the open source projects I use and reminds me to upgrade them in a timely fashion. I know if I don't upgrade regularly I will see a large number of vulnerabilities.
Recommendations to others considering the product:
It is certainly worth giving it a try. The team was very generous with the trial.
Recommend to use it 👍
What do you like best about the product?
It's really easy to use and provides a perfect quality.
What do you dislike about the product?
Limit of tests run for free plan 😅But that's understandable.
What problems is the product solving and how is that benefiting you?
I find vulnerabilities in my source code on early stage.
Simplest way to improve application security is using Snyk
What do you like best about the product?
Easy to set-up and to use, without compromising on custom use-cases with the API and CLI features.
Very exceptional coverage in terms of security database, and works with the vast majority of the different programming languages we implement.
Great Features already in place and more are coming with Snyk Code (SAST) that was recently announced.
Very exceptional coverage in terms of security database, and works with the vast majority of the different programming languages we implement.
Great Features already in place and more are coming with Snyk Code (SAST) that was recently announced.
What do you dislike about the product?
The way the different projects are grouped and presented in the UI could be improved (especially if you have a lot of them, and are using multiple features, it can get confusing quickly)
Documentation: It can be troublesome to find how to use a specific feature, as the documentation is often hard to navigate.
Documentation: It can be troublesome to find how to use a specific feature, as the documentation is often hard to navigate.
What problems is the product solving and how is that benefiting you?
Give visibility on licence usage, and helps compliance on those
Gave visibility on all the issues that could arise from Open Source Vulnerabilities, and gave us a great way to prioritize and tackle the issues.
The Snyk Score displayed by the application is particularly interesting to let users prioritize what issue should be tackled first, as it takes into account Exploit maturity and impact of the vulnerability.
Gave visibility on all the issues that could arise from Open Source Vulnerabilities, and gave us a great way to prioritize and tackle the issues.
The Snyk Score displayed by the application is particularly interesting to let users prioritize what issue should be tackled first, as it takes into account Exploit maturity and impact of the vulnerability.
Recommendations to others considering the product:
Take the time to properly understand and use the functionality provided by Snyk. Trying to implement it too fast simply for compliance can make you miss out on a lot of very useful features.
Easy to integrate into your build process
What do you like best about the product?
It was very easy for us to integrate snyk into out build pipeline
What do you dislike about the product?
Sometimes you get false positives and when you check the developers website it says that it's not an actual vulnerability
What problems is the product solving and how is that benefiting you?
finding vulnerabilities in our dependencies
Engineer friendly and trust worthy.
What do you like best about the product?
Quality of results which are available in a short period of time and on top of it, the integration options.
What do you dislike about the product?
I would like to have an automatic integration with Jira when a vulnerability is discovered, not a manual process. And ability to create Jira tickets per project not in a general project.
What problems is the product solving and how is that benefiting you?
OSA and licensing. Safer usage of libs and shorter due diligence cycles.
Recommendations to others considering the product:
A top vendor to rely on!
showing 91 - 100