Reviews from AWS Marketplace
0 AWS reviews
External reviews
External reviews are not included in the AWS star rating for the product.
Must needed tool for software supply chain security
What do you like best about the product?
Easy-to-use CLI and native integration with the "docker scan" command.
What do you dislike about the product?
Sometimes Snyk cannot identify/scan binaries that were copied into the container image.
What problems is the product solving and how is that benefiting you?
Snyk helps us scan the codebase with SAST to find any security issues and does an excellent job of scanning container images for vulnerabilities.
Helpful tool for recognizing vulnerabilities in supply chain / dependencies
What do you like best about the product?
Fast response time to at least notify of a vulnerability and, when available, version details of a package to resolve it. Also useful in that it creates PRs to fix those vulnerabilities.
What do you dislike about the product?
The static analysis still has some ways to go, for now it can be useful but depending on the language can often show false positives - not something unique to Snyk, it's a common problem for any static analysis tool.
What problems is the product solving and how is that benefiting you?
Mediate vulnerabilities quickly and before they may cause any issues for customers, both external and internal. Saves time in having to review CVEs manually and oftentimes in formulating a fix.
snyk review
What do you like best about the product?
Snyk is very good at finding vulnerabilities in my code (even if it's just that I forgot to update a package to the latest secure version c: )
Snyk works a lot like dependabot, but from my experience, it's much better and much more fleshed out (so to speak). Snyk will give you a detailed analysis of your code and any vulnerabilities found, how to fix them, and even how to exploit them with proofs of concept, etc.
and to think I found out about it from a youtube ad!
What do you dislike about the product?
nothing at the moment
although I suppose I'd just contact support about the disliked features/bugs in question if I ever found any...
the website overhaul looks really nice, I honestly thought there'd be something I didn't like about it, but it's pretty good :)
What problems is the product solving and how is that benefiting you?
The only problems it's supposed to: finding vulnerabilities in my (and others') code, which it does an incredible job of doing.
Does not allow you to make mistakes you did not know you make
What do you like best about the product?
It is easy to use and developer friendly. You can easily test a project locally or let Snyk monitor the project from the CI. The quality gate makes sure you do not introduce new mistakes in your merge requests.
What do you dislike about the product?
The need for a Snyk Broker when working with a self-hosted GitLab instance. We recently moved from the GitLab SaaS service to a self-hosted environment. It was partly our mistake for not reading the Snyk documentation well enough, but now we need a broker for it to monitor our projects.
What problems is the product solving and how is that benefiting you?
Snyk monitors our projects for security mistakes in the dependencies. Some projects are on a security-only maintenance mode, which is a lot easier with Snyk. But it also monitors the main projects and makes it easy to fix security issues.
Extremely versatile vulnerability scan
What do you like best about the product?
Snyk provides a highly versatile scan of code to expose common vulnerabilities in code, not only by recognising vulnerable blocks of code but also by following the path of user-submitted variables through the code to ensure proper validation has been performed. Its integration with Github and pricing model are also exceptional.
What do you dislike about the product?
The downside of Snyk is that not enough people are using it and making the internet a better place.
What problems is the product solving and how is that benefiting you?
Code standards and vulnerability scanning.
Easy to use
What do you like best about the product?
I don't know much about DevOps, but sometimes I forget to update packages when doing many projects. Since Snyk opens PRs for all of them, I can directly merge to the main branch.
What do you dislike about the product?
Maybe reports can be made available to free users at a certain rate so we can see what kind of thing can happen.
What problems is the product solving and how is that benefiting you?
I usually try to update NPM packages after pushing the application to git.
Powerful analysis to reduce risk in your applications
What do you like best about the product?
I like the comprehensive and detailed reporting structure that Snyk provides. When possible, Snyk will provide remediations to issues it finds and allows me to integrate with JIRA or other management tools to ensure I don't lose track of important updates. Setup of Snyk is surprisingly easy and I really appreciate the integrations it provides with Bitbucket to make sure all my code is secure. Beyond third party library scanning, the license, container, and live code tracking features are things that look powerful but that I haven't had a chance to fully try out yet. Given the quality I've seen in most of the tools, I'm sure they are equally great.
What do you dislike about the product?
The biggest downside to Snyk is the pricing point for medium sized businesses. The free tier does a lot and can be used by most small businesses. However, when you are scaling up to that medium tier, the pricing became cost prohibitive to us, so we are remaining on the free plan for the time being.
What problems is the product solving and how is that benefiting you?
As a consulting firm, we often build custom software solutions for clients that rely upon third party libraries to speed up development. Since these libraries are open source, there does arise the risk that a library will have security vulnerabilities that we are not aware of, particularly if the library is a dependency of another library being used. Snyk helps us identify these risks, assess the severity and impact of them, and make a plan to resolve them in an effective manner.
Great tool, easy to use, developer-friendly and free for open source projects
What do you like best about the product?
It is free for public repositories, and it is easy to create an account and integrate it with your GitHub repositories. It scans your dependencies very quickly and provides accurate and actionable results to fix those vulnerabilities. Even having a way to automatically submit PRs directly to fix the issues found.
What do you dislike about the product?
Sometimes the error messages are not very clear, like with the IDE plugin, and it is challenging to understand why the project wasn't imported or scanned. But overall it works seamlessly.
What problems is the product solving and how is that benefiting you?
Snyk is helping protect the security of libraries and dependencies, which are mostly open-source projects created by independent developers that require help with the security of their applications.
It's foundational to the industry
What do you like best about the product?
Snyk has always pushed further than npm audit and provides the checks I need to feel comfortable deploying my changes or catching new zero days in a timely manner.
What do you dislike about the product?
Like any tool where people work on it in a 9-5, Snyk costs money. Npm audit is getting better and is free. That said, NodeJS is the package injection ecosystem, so I don't mind going a bit premium for a sense of safety on my projects. Additionally, the static analysis is pretty nice as well.
What problems is the product solving and how is that benefiting you?
Keeping abreast of vulnerabilities in my dependency tree. Security is the lifeblood of a company, so having more static analysis and dependency tree checking will benefit any company.
Snyk is truly developer friendly
What do you like best about the product?
I have followed the Snyk team's work since my first year in graduate school; I researched 3rd party packages and their security on open-source GitHub projects. I have always been impressed by the approach they've taken to security. They were not afraid to offer off-beat (yet very much needed) solutions. Snyk has evolved exponentially since then with a variety of features, and offering docker security excites me. I can't wait for them to grow into web3 and the WebAssembly space soon as well.
What do you dislike about the product?
Snyk is more expensive than the competition, significantly so. However, I'd say the price difference is potentially worth it, considering you may have to hire an engineer to hack workarounds for other solutions out there. Depends on your risk factor for future work.
What problems is the product solving and how is that benefiting you?
Snyk reduces the complexity of managing security in an enterprise; it is not a simple feat by any means. The multitude of features, integrations and advice Snyk offers is unparalleled in my opinion.