Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Brief review on Snyk
What do you like best about the product?
The dashboard showing general information about security issues found and the experienced it brings up
What do you dislike about the product?
The way creating new Jira tickets. Somehow, it can make overabundant
What problems is the product solving and how is that benefiting you?
I would like to create one Jira ticket for one project or by priority. I wish Snyk would help me found more issues on the container in the Cloud-based environment (AWS, GCP...) the export report with details were found, the severity, recommendation, and auto raise notification and tickets.
I also wish to have got support when issues come up.
I also wish to have got support when issues come up.
Recommendations to others considering the product:
Snyk is an interesting software that supports you in SCA area. It easies to tracks, manages, and integrates.
- Leave a Comment |
- Mark review as helpful
Essential in understanding our vulnerability landscape
What do you like best about the product?
Snyk's UI and tooling present complex information in a straightforward, easy-to-digest manner. These qualities make it easy for teams to spin up and start acting on the information given. With new services supported and other quality of life upgrades happening frequently, it makes using the tool a breeze. The number of supported services Snyk offers ensures we only need one tool for the many environments we have.
What do you dislike about the product?
With our on-prem requirements, we've spent several cycles performing upgrades and transitioning to the brand new CNA offering. There have been some hiccups here and there, and sometimes it means we're not always on the latest version to utilize all the available features advertised. The team has been working hard to improve this aspect of the tool of the non-SaaS offering and I believe will no longer be a pain point very soon!
What problems is the product solving and how is that benefiting you?
From scanning docker images to dozens of team projects, we're able to aggregate and act on lots of information in a speedy way. This allows us to ship more secure code and environments, giving us better peace of mind we're staying secure with the latest package updates.
A robust platform to oversight from dev to prod
What do you like best about the product?
A robust platform to give you an immediate view of your security posture in from development to production. Strong API support. Very good customer support.
What do you dislike about the product?
Lack of flexibility in data extraction for further reporing customization
What problems is the product solving and how is that benefiting you?
To ensure the development is clean before moving production not limited only to code but also container image, infra deployment..
Recommendations to others considering the product:
Try it immediately
Best automated vulnerability scanner for code!
What do you like best about the product?
Reporting structure is fantastic. Ease of implementation and how fast the scanning is of the codebase.
What do you dislike about the product?
No trending in the dashboard. xxxxxxxxxx
What problems is the product solving and how is that benefiting you?
The ability to capture vulnerabilities before deployment. Gamifying the reporting between our dev teams. Seeing ROI straight away.
Recommendations to others considering the product:
If you are a Dev focused company, this is a must for security!
Snyk is a developer-focused, one-stop shop for our cloud & application security!
What do you like best about the product?
Snyk keeps on expanding its offering to cover all aspects of cloud and application security (IAC, kubernetes, containers, ...), and listens to customer input while doing that. The automation capabilities & integrations with SCMs such as Github & Gitlab greatly help to roll-out the tool for hundreds of projects.
What do you dislike about the product?
Some languages don't have all features (yet). New features are usually focused on Node.js.
What problems is the product solving and how is that benefiting you?
Snyk gives us full visibility on licensing issues, vulnerabilities & insecure cloud configurations within our repositories. The rich metadata attached to vulnerabilities allow us to focus our efforts on the most important & exploitable vulnerabilities. Since it easily integrates with our CI/CD pipelines, all developers working on a repository have instant feedback on potential vulnerabilities added in their merge requests.
The best cybersecurity solutions for modern applications
What do you like best about the product?
It's really amazing when you find a company that truly understated your needs and provide the best tools for dealing with cybersecurity with modern applications. Snyk is the best tool for cybersecurity professional to deal with the DevSecOps and the shift-left.
What do you dislike about the product?
I don't see any downsides using Snyk right now
What problems is the product solving and how is that benefiting you?
We're using snyk for dealing with open source vulnerabilities and also Snyk code for our code base vulnerabilities
Best-in-class, developer-focused security scanner
What do you like best about the product?
It is very simple to to integrate the CLI to both scan and continually monitor projects inside CI/CD pipelines and against PRs. On our Javascript, Python and Go projects, scanning is very fast and natively supports the Poetry and Yarn package managers.
The vulnerability database is very comprehensive and timely and contains a wealth of information beyond a severity score, often including PoC code, links to outstanding Github issues or PRs, HackerOne reports etc, as well as an indication of the maturity of any exploits out-in-the-wild. We have found that competing solutions tend to lag in this regard.
Snyk Advisor assists our developers when introducing new third party dependencies to go beyond popularity and consider other factors such as their license, security history and maintenance status.
The combination of the Open Source, Container and IaaC products is a very powerful combination of tools to assess security across the entire stack at the app, OS, and infra levels.
The vulnerability database is very comprehensive and timely and contains a wealth of information beyond a severity score, often including PoC code, links to outstanding Github issues or PRs, HackerOne reports etc, as well as an indication of the maturity of any exploits out-in-the-wild. We have found that competing solutions tend to lag in this regard.
Snyk Advisor assists our developers when introducing new third party dependencies to go beyond popularity and consider other factors such as their license, security history and maintenance status.
The combination of the Open Source, Container and IaaC products is a very powerful combination of tools to assess security across the entire stack at the app, OS, and infra levels.
What do you dislike about the product?
The CLI, main dashboard and reports are great, but some of the other integrations are not quite as good.
The native ECR scanner in the dashboard requires you to opt-in on a tag-basis, you can’t scan all images pushed by default without using the CLI. Snyk can automatically open PRs in Github to upgrade dependencies, but if you'd prefer to create Jira tickets that appears to be a manual process. Out-of-the-box notification support is currently limited to Slack as well.
The native ECR scanner in the dashboard requires you to opt-in on a tag-basis, you can’t scan all images pushed by default without using the CLI. Snyk can automatically open PRs in Github to upgrade dependencies, but if you'd prefer to create Jira tickets that appears to be a manual process. Out-of-the-box notification support is currently limited to Slack as well.
What problems is the product solving and how is that benefiting you?
Security is a non-negotiable part of any SDLC but we work in an industry where it is particularly paramount. Surfacing security information to our developers directly on each PR and code push allows us to shorten the feedback loop and be as proactive as possible when it comes to addressing security vulnerabilities.
Snyk also ensures we receive timely information on newly-disclosed vulnerabilities to better assess and plan mitigation work, and that we are license-compliant.
Snyk also ensures we receive timely information on newly-disclosed vulnerabilities to better assess and plan mitigation work, and that we are license-compliant.
Recommendations to others considering the product:
Consider how comprehensive and timely Snyk is in reporting vulnerabilities for your particular languages -- some may not be as comprehensive as others.
Consider whether the out-of-the-box integrations are suitable for your needs or if you will be heavily CLI-based.
Consider whether the out-of-the-box integrations are suitable for your needs or if you will be heavily CLI-based.
Security
What do you like best about the product?
Easy to use & maintain
Effective
Free for open repos
Effective
Free for open repos
What do you dislike about the product?
Pricing model
Customer support (some are really good)
Customer support (some are really good)
What problems is the product solving and how is that benefiting you?
Early security defect discovery
Easy to monitor
Easy to plan mitigation effort
Easy to monitor
Easy to plan mitigation effort
Recommendations to others considering the product:
Snyk is:
Simple to use
Cost effective
Easy to integrate
Easy to monitor
Simple to use
Cost effective
Easy to integrate
Easy to monitor
I use Snyk and maybe you should also
What do you like best about the product?
It is really easy to use. It gives good insights. It does a thorough scan. Many integrations. Responsive support team eager and available to help.
What do you dislike about the product?
It has many integrations but it can be hard to know which one to use. For example you can have it scan your repositories and you can have it scan as part of your build pipeline. I'm not sure why we decided to use the one that we did.
What problems is the product solving and how is that benefiting you?
It reports on the vulnerabilities in the open source projects I use and reminds me to upgrade them in a timely fashion. I know if I don't upgrade regularly I will see a large number of vulnerabilities.
Recommendations to others considering the product:
It is certainly worth giving it a try. The team was very generous with the trial.
Recommend to use it 👍
What do you like best about the product?
It's really easy to use and provides a perfect quality.
What do you dislike about the product?
Limit of tests run for free plan 😅But that's understandable.
What problems is the product solving and how is that benefiting you?
I find vulnerabilities in my source code on early stage.
showing 91 - 100