Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Simplest way to improve application security is using Snyk
What do you like best about the product?
Easy to set-up and to use, without compromising on custom use-cases with the API and CLI features.
Very exceptional coverage in terms of security database, and works with the vast majority of the different programming languages we implement.
Great Features already in place and more are coming with Snyk Code (SAST) that was recently announced.
What do you dislike about the product?
The way the different projects are grouped and presented in the UI could be improved (especially if you have a lot of them, and are using multiple features, it can get confusing quickly)
Documentation: It can be troublesome to find how to use a specific feature, as the documentation is often hard to navigate.
What problems is the product solving and how is that benefiting you?
Give visibility on licence usage, and helps compliance on those
Gave visibility on all the issues that could arise from Open Source Vulnerabilities, and gave us a great way to prioritize and tackle the issues.
The Snyk Score displayed by the application is particularly interesting to let users prioritize what issue should be tackled first, as it takes into account Exploit maturity and impact of the vulnerability.
Recommendations to others considering the product:
Take the time to properly understand and use the functionality provided by Snyk. Trying to implement it too fast simply for compliance can make you miss out on a lot of very useful features.
Easy to integrate into your build process
What do you like best about the product?
It was very easy for us to integrate Snyk into our build pipeline.
What do you dislike about the product?
Sometimes you get false positives and when you check the developers website it says that it's not an actual vulnerability
What problems is the product solving and how is that benefiting you?
finding vulnerabilities in our dependencies
Engineer friendly and trustworthy.
What do you like best about the product?
Quality of results which are available in a short period of time and on top of it, the integration options.
What do you dislike about the product?
I would like to have an automatic integration with Jira when a vulnerability is discovered, not a manual process. And ability to create Jira tickets per project not in a general project.
What problems is the product solving and how is that benefiting you?
OSA and licensing. Safer usage of libs and shorter due diligence cycles.
Recommendations to others considering the product:
A top vendor to rely on!
So useful and so easy to integrate in the Dev pipelines. Love the automation capabilities!
What do you like best about the product?
The CLI is great, and the different integrations provided out of the box make it even better! We migrated from a tool that had very poor UX when trying to integrate with CI pipelines, not to mention the lack of integrations.
What do you dislike about the product?
That sometimes the CLI results and the GitHub integration results are different. We've had that problem in the past several times and we were told to prefer the CLI results instead of the GitHub ones.
What problems is the product solving and how is that benefiting you?
Removing the 3rd party vulnerabilities from our products, thus making a more secure supply chain. This helped us removing vulnerabilities from components that we ship on-prem to clients and no more having releases rejected by our clients.
Also, the GoLang scanning is not as comprehensive as the one for Java/C#
Recommendations to others considering the product:
If you're looking to automate the OSS scanning and integrate it into the pipelines (as part of a DevSecOps initiative), Snyk is by far the best tool I've seen.
Scalable tool, it was easy to integrate multiple projects in no time.
What do you like best about the product?
I believe that we had very good communication with Snyk representatives. We received support whenever it was needed, discussions were always professional and the actions were followed up on Snyk part.
Another thing that helped us a lot was the scalability of the product. Very fast scans and easy to onboard new projects helped us speed the development process and let our developers focus on business aspects rather than integration concerns. With trusted partners like Snyk, we were able to automate and enforce a lot of SDLC practices and decrease the release frequency from once in 6 months to multiple per week.
What do you dislike about the product?
I cannot say I found something that I disliked. All feedback was received and addressed.
What problems is the product solving and how is that benefiting you?
We are developing banking software and security for us is not optional. We are using Snyk for automatic OSA checks as part of our secure development life cycle. Every new merge is checked and this helps us to have a continuous delivery approach on a monolith of 1.5 million lines of code where more than 50 developers are working on it.
Address your open source coverage concerns with Snyk OSS Scanner
What do you like best about the product?
Snyk was onboarded to help with security vulnerability and license spread visibility across the open source frameworks that are used across the company. It has truly been a groundbreaking service that we start utilizing from the get go both in terms of identifying risk as well as enabling pathways to remediation. I strongly feel the tool was targeted towards developers to help with cross-functional collaboration and visibility into both the dependencies and the defects they contain.
What do you dislike about the product?
Business Metrics and reports could be better
What problems is the product solving and how is that benefiting you?
Coverage across OSS projects and frameworks, while embedding security into CI/CD pipelines
works great for us with mainly being a javascript and python shop.
What do you like best about the product?
developer-first and integrations work well with popular services like GitHub. CLI is also great as well.
What do you dislike about the product?
UI can sometimes be clunky and difficult to navigate. The API is good, but the Reporting API could use some improvements regarding getting stats on a group-level.
What problems is the product solving and how is that benefiting you?
Figuring out what our software is made of and the vulnerabilities within. Some benefits include seeing the amount of not-supported or abandoned projects we use and being able to report on it.
Great Reports
What do you like best about the product?
Able to view an organisation wide report on all the vulnerabilities of each package in the repos.
What do you dislike about the product?
I'm not sure if this is a feature, but maybe more automation like github dependency issues where a PR can be submitted with the click of a button from snyk.
What problems is the product solving and how is that benefiting you?
We are a security company and our customers' security is the highest priority; having Snyk be proactive for us to jump on vulnerabilities in packages is critical.
Great tool for tracking vulnerabilities
What do you like best about the product?
It's completely automated and eliminates lots of manual intervention for fixing the vulnerability with different versions of repository.
What do you dislike about the product?
Sometimes the vulnerability alerts might not be genuine.
What problems is the product solving and how is that benefiting you?
Identify secure vulnerability versions.
Recommendations to others considering the product:
It's a great automated software for detecting vulnerabilities.
First-class cloud compliance platform, wonderful to use
What do you like best about the product?
Ability to visualize and easily navigate our cloud infrastructure, getting a birds-eye view of our configuration items and policies, with custom rules, alerts, and exceptions as needed. The policy enforcement is a powerful tool for correcting baseline drift. The front-end of the app is very well made so there are no UX problems in my view. I use a lot of tools, and am not shy about delivering the news when it is painful to use- Fugue is great to use.
What do you dislike about the product?
If I had to pick something annoying, I guess the visualizer could render faster.
What problems is the product solving and how is that benefiting you?
Change/ configuration management and visibility into our cloud security posture, with the ability to enforce policy. Provides a key component for DevSecOps.