Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Snyk is a great tool
What do you like best about the product?
Integrations with Bitbucket and Jira
Clean user interface
Clean user interface
What do you dislike about the product?
Unable to mass delete CLI projects must like imported repos
What problems is the product solving and how is that benefiting you?
Software vulnerabilities and potential licensing issues
- Leave a Comment |
- Mark review as helpful
Great and versatile SCA tool for dev and ops.
What do you like best about the product?
We can finally identify security vulnerabilities during the development and fix them before we move forward.
The result is clear and can save you time with proactive feedback and money by saving computational resources used by CI pipelines.
The result is clear and can save you time with proactive feedback and money by saving computational resources used by CI pipelines.
What do you dislike about the product?
Snyk Portal may require some attention to UX as many have already mentioned.
There are many settings enabled by default that should be asked before starting using the service.
I would suggest some sort of skippable pre-configuration view (like a wizard), so users can have an idea of what features are available/enabled.
There are many settings enabled by default that should be asked before starting using the service.
I would suggest some sort of skippable pre-configuration view (like a wizard), so users can have an idea of what features are available/enabled.
What problems is the product solving and how is that benefiting you?
I can shift sec during the development process, which decreases the roundtrip when discovering new vulnerabilities during releases.
I am in the process of bringing SNYK into our organization in order to secure code
What do you like best about the product?
IDE integration
Scanning for vulns and misconfiguration with details and remediation suggestions as well as references.
Scanning for vulns and misconfiguration with details and remediation suggestions as well as references.
What do you dislike about the product?
Bundle Pricing can be a bit high. More options outside of bundles for pricing would be appreciated.
What problems is the product solving and how is that benefiting you?
SNYK is bringing security right to the IDE and containers where DevOps perform their work and helping integrate Sec in DevSecOps.
Recommendations to others considering the product:
Take a look at the demo and try the community version. I already have developer friends that are really enjoying the community version.
Constant security and shifting left with Snyk
What do you like best about the product?
Snyk can integrate with GitHub and constantly scan certain repositories for vulnerabilities and not just when new code is pushed to the repository, allowing the application to be secure even when it is not being worked upon. Excellent UI with great reporting and filtering capabilities, that is easy and intuitive to use. Snyk can automatically create pull requests for fixing fixable vulnerabilities and allowing the code owner to fix issues fast and easily.
What do you dislike about the product?
Snyk lacks the ability to export the data regarding the vulnerabilities to an external vendor such as Datadog, allowing the customer to graph, alert and process the data. Another great addition to a great tool would be the ability to know when the vulnerability was introduced or the release affecting the vulnerability.
What problems is the product solving and how is that benefiting you?
We use the GitHub integration and scan our Docker images during CI to find vulnerabilities before pushing to production. We also receive weekly emails regarding the security posture of our applications. Using Snyk, we are able to catch vulnerabilities and fix them easily with the help of Snyk's integrations.
Inconsistent reports, odd UX, incorrect documentation, time-sink for developers
What do you like best about the product?
Not sure I can think of anything nice to say here.
What do you dislike about the product?
The reports are often flat-out incorrect (particularly w/ licensing detections). Between that and the incredible inconsistencies between what the web app and CLI reports (the docs say the CLI should be more accurate/show more, but the opposite is true), and some very annoying/insanely unintuitive UX design choices, I have zero trust in what Snyk reports, and it's a complete pain to work with. And I know I'm not alone in this opinion, as I've tried before to assume that it's just my own experience, yet time and again I'm proven wrong on this point.
What problems is the product solving and how is that benefiting you?
To be fair, it has accurately reported on a couple of actual security vulnerabilities which we were able to address. Otherwise, it seems to cause more problems than it solves (and wastes both my own and the company's time and money as a result).
Snyk Anytime... Any Day !!!
What do you like best about the product?
Snyk is the single source of truth for Vulnerabilities in the composition of your software . The easy to use interface , the depth of information and the reach of scans simply make it Awesome...
What do you dislike about the product?
IT should list out issues under two categories , one which are fixable and the other group for which no fix is available , this will improve the user focus to a much larger extent.
What problems is the product solving and how is that benefiting you?
With Snyk we are providing a level of transparency on the vulnerability profile of software composition , this information is provided with evidence and with all the technical information related to the vulnerability. This improves the decision-making ability of the product owners to prioritize fixes when the resource bucket is limited.
Recommendations to others considering the product:
All i will say is that it is the best in the market today and is a one-stop solution to all your needs around supply chain security and software composition analysis.
Best tool for DevSecOps
What do you like best about the product?
Simple and straightforward.
Easy to use.Simple way integration clearly mention source and sink and give proper remediation.
It is helpful for developer and security engineer
Easy to use.Simple way integration clearly mention source and sink and give proper remediation.
It is helpful for developer and security engineer
What do you dislike about the product?
Need improvement in report creation.
Proper executive and technical report needed.
Some time getting problem in ci/cd pipelines from Jenkin.
Need proper step by step guide
Proper executive and technical report needed.
Some time getting problem in ci/cd pipelines from Jenkin.
Need proper step by step guide
What problems is the product solving and how is that benefiting you?
Easy to find accurate bugs from code and dependency.
Now it is compatible for containers orchestration cloud.
Problem solve like fixed lots of dependency issue and upgrade lots of code after Snyk scan.
Now it is compatible for containers orchestration cloud.
Problem solve like fixed lots of dependency issue and upgrade lots of code after Snyk scan.
Recommendations to others considering the product:
This is the best tool for DevSecOps. Easy to use and iron this out by analysis.
We are completely satisfied with services.
We love to use and give efficient result .
Our client also happy due to Snyk. Now Snyk our family.
This is our original feeling for Snyk.
We are completely satisfied with services.
We love to use and give efficient result .
Our client also happy due to Snyk. Now Snyk our family.
This is our original feeling for Snyk.
Snyk provides the informed and actionable results that others do not
What do you like best about the product?
Beyond the CLI and VS Code integration, seeing the exploit maturity and quick fixes right inline makes speedy work of fixing problems. Additionally, the ability to ignore certain findings and the rich filtering can help adjust the signal-to-noise to zero in on the most urgent problems.
What do you dislike about the product?
Perhaps due to my own ignorance as a newer user, it is disheartening to hit a wall with a vulnerability with "No remediation path available". But I doubt that is a failing of the Snyk tool and system.
What problems is the product solving and how is that benefiting you?
I started with my own personal site, and now progressing to other projects. I'm also introducing Snyk as an offering to my clients, and sincerely hope they adopt it so that we can all sleep better at night.
Recommendations to others considering the product:
The initial trial should be good enough to kick the tires on some low hanging fruit on a project, and get a feel for the experience. Beyond that, try the VS Code integration and CLI tool in a Ci/Cd pipeline to further test out the features and benefits.
A Great service for Source code analysis and vulnerability detection
What do you like best about the product?
Snyk offers automatic vulnerability detection for our GitHub repos, also it warns about the vulnerability impact, direct PR to our GitHub repo is another nice feature
What do you dislike about the product?
A few false positives in the code itself which nothing to do with security, most of the time the middleware that is not public and written by us
What problems is the product solving and how is that benefiting you?
Some critical vulnerabilities in our web application, where we are not aware of it, and most of the time we ignore to think about the vulnerability impact
Recommendations to others considering the product:
Snyk is a good service I have used. As a Web Developer, I know how hackers can break into our applications, though I develop websites keeping owasp in mind. Still, I am not sure of the third-party packages like npm. We should appreciate Snyk's work before using an outdated package we can see if that nmp package has any known vulnerabilities and avoid risks at the first stage
Snyk, your best friend to fix the vulnerability
What do you like best about the product?
Easy to use, even a beginner can use it without problem. Fast, the process very fast.
What do you dislike about the product?
some vulnerable cannot be fixed automatically
What problems is the product solving and how is that benefiting you?
some vulnerables related to docker image.
I can fix all critical and high severity issues in minutes
I can fix all critical and high severity issues in minutes
showing 61 - 70