AWS Config vs. Lacework vs. Snyk

Snyk

Overview
Product	Rating	Most Used By	Product Summary	Starting Price
AWS Config	Score 7.0 out of 10	N/A	Amazon Web Services offers AWS Config, a service that provides monitoring and assessment of AWS resource configurations to support compliance auditing, change management and troubleshooting, with resource histories and comparison of historical configurations against planned configurations.	N/A
Lacework	Score 6.0 out of 10	N/A	Lacework is a cloud-native application protection platform offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments, workloads, containers, and Kubernetes.	N/A
Snyk	Score 8.8 out of 10	N/A	Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to cloud, driving developer productivity, revenue growth, customer satisfaction, cost savings and an improved security posture. The vendor states Snyk is used by 1,200 customers worldwide today, including…	$0

Pricing

AWS Config

Lacework

Snyk

Editions & Modules

No answers on this topic

Free: $0
Team (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code): $23
per month per user
Business (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code): $42
per month per user
Team (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code): $98
per month per user
Business (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code): $178
per month per user
Enterprise: Contact Sales

Offerings

Pricing Offerings
AWS Config	Lacework	Snyk
Free Trial
No	No	Yes
Free/Freemium Version
No	No	Yes
Premium Consulting/Integration Services
Yes	No	No

Entry-level Setup Fee

No setup fee

Additional Details

With AWS Config, you are charged based on the number of configuration items recorded, the number of active AWS Config rule evaluations and the number of conformance pack evaluations in your account. A configuration item is a record of the configuration state of a resource in your AWS account. An AWS Config rule evaluation is a compliance state evaluation of a resource by an AWS Config rule in your AWS account, and a conformance pack evaluation is the evaluation of a resource by an AWS Config rule within the conformance pack.

—

Pricing is dependent on the number of developers selected, the number of products selected, and the payment term selected. Please visit the Snyk plans page for an interactive pricing calculator.

More Pricing Information

Community Pulse
	AWS Config	Lacework	Snyk

Best Alternatives
	AWS Config	Lacework	Snyk
Small Businesses	HashiCorp Vagrant Score 10.0 out of 10	No answers on this topic	No answers on this topic
Medium-sized Companies	Ansible Score 9.2 out of 10	CrowdStrike Falcon Score 9.1 out of 10	Veracode Score 8.8 out of 10
Enterprises	Ansible Score 9.2 out of 10	CrowdStrike Falcon Score 9.1 out of 10	Veracode Score 8.8 out of 10
All Alternatives	View all alternatives	View all alternatives	View all alternatives

User Ratings
	AWS Config	Lacework	Snyk
Likelihood to Recommend	8.8 (6 ratings)	7.1 (7 ratings)	8.5 (6 ratings)
Usability	- (0 ratings)	- (0 ratings)	9.0 (2 ratings)
Performance	9.6 (2 ratings)	- (0 ratings)	- (0 ratings)
Ease of integration	6.2 (2 ratings)	- (0 ratings)	- (0 ratings)

User Testimonials
	AWS Config	Lacework	Snyk
Likelihood to Recommend	Amazon AWS It's really good if your infrastructure services is all in AWS, that means everything could be audited and monitored using AWS config. You also can create alarms to notify you or your team about any changes on your AWS resources which is very useful to prevent abuse if you have a fairly large team. It's also very useful whenever some third party wants to audit your AWS resources, if you have a fairly comprehensive AWS config configured, the auditing process will be easy since they only need to look at your AWS config setup. Incentivized Verified User Anonymous Read full review	Lacework Lacework is well suited for behavioral analysis. One thing to consider thought is in the early stages there will be quite a bit of noise generated by Lacework. There will be a higher volume alerts generated initially - until a good baseline is generated. Overall Lacework is good with alert handling - integration with Slack is good. Incentivized DS Dan Soble VP Engineering Read full review	Snyk Scenarios Where Snyk Is Well-Suited CI/CD Pipeline Integration (Node.js, Python, etc.) Container Security Open Source License Compliance Infrastructure as Code (IaC) SecurityScenarios Where Snyk May Be Less Appropriate Scanning Proprietary or Custom Code for Unknown Vulnerabilities Complex Monorepos with Custom Build Tools Organizations Requiring Custom Security Rules Advanced Security Teams Needing Correlation and Deep Triage. Incentivized Verified User Anonymous Read full review
Pros	Amazon AWS The ability to track changes in AWS is paramount, AWS config allows you to do this Allows the auditing of an AWS account Can view history of an account that has AWS config enabled Incentivized Verified User Anonymous Read full review	Lacework Easy to set-up the agent in cloud workloads. Easy integration with ticketing and messaging tools. Detailed visibility of all our container workloads across multiple accounts. Incentivized Verified User Anonymous Read full review	Snyk Helps in dependency management SAST - Static Application Security Testing Infra Code Scan ( Terraform , Cloud Formation , Docker image scan) OSSG Incentivized MS Manas Singh IT Architect Read full review
Cons	Amazon AWS It's only AWS, no third party. Not the most intuitive interface, but with a little getting used to it is OK. Incentivized Verified User Anonymous Read full review	Lacework UI can be complicated and hard to know where to click to find information. Ability to create and manage cases or tickets from events that trigger. Verified User Anonymous Read full review	Snyk The tool itself has many capabilities but using them operationally within the platform on a day to day basis for managing vulnerabilities is not a good experience. Our company was in desparate need of a tool to help us manage vulnerabilities so we could achieve a SOC 2 assurance report without findings. Incentivized Verified User Anonymous Read full review
Usability	Amazon AWS No answers on this topic	Lacework No answers on this topic	Snyk Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity. Reports include fix recommendations, pull request suggestions, and links to remediation advice. Incentivized Verified User Anonymous Read full review
Performance	Amazon AWS Would rate lower for other workloads but for AWS workloads its simple to set up, cost effective and customisable. Primary use case is compliance from a governance perspective. Incentivized Verified User Anonymous Read full review	Lacework No answers on this topic	Snyk No answers on this topic
Alternatives Considered	Amazon AWS I do not know or have used any other product in AWS cloud space that matches what AWS Config provides. We have some custom built monitoring and governance, however that is there because AWS Config does not provide it currently. Incentivized Verified User Anonymous Read full review	Lacework Compared to Sysdig Falco (the free open-source IDS), Lacework helps security teams by providing actionable alerts and a user-friendly interface that gives you an overview of all workloads being monitored, and detailed insights into these workloads if needed. Falco requires you to build your own integration and interface around it, including a mechanism to whitelist certain alerts. This made it harder for the security team to focus their time on potential intrusions. Incentivized Verified User Anonymous Read full review	Snyk Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to inspector but that may be more based on how we have implemented both tools Incentivized Verified User Anonymous Read full review
Return on Investment	Amazon AWS Enforcing audit requirements Easy to set up alerting when there are rule breaches Auto remediation reduces the manual policing of such breaches Incentivized Verified User Anonymous Read full review	Lacework Being a FinTech company, financial institutions who partner with us want to know that we are appropriately maintaining a Security, Risk and Compliance program that maintains a level of comfort for their vendor management. Lacework gives us the ability to monitor and maintain a level of security for our infrastructure that puts our partners at ease, reduces the revenue cycle for new partners and opens doors to the future. Richard Russell Director of Information Security & IT Infrastructure Read full review	Snyk Increased developer experience Better productivity due to shift left as Vulnerabilities are caught earlier in the SDLC process Improved Vulnerability Management Common dashboard for various stages in CI/CD Incentivized MS Manas Singh IT Architect Read full review
ScreenShots