Checkmarx vs. ManageEngine Application Control Plus vs. Snyk

If you are going with SAST process or want to improve overall security posture then go for it like integrating it with post deployment steps. If you are more concerned about proactive controls better choose other options such as pee-commit hooks and CI security. Also choose other tools for DAST and API scans.

Incentivized

It works great if you want to run an application as an admin. We did find out that it will not work, or at least we cannot get it to work for users that need to change the IP address on their endpoint to connect to a traffic light. So far those users are still admins until we can figure it out

Incentivized

Scenarios Where Snyk Is Well-Suited CI/CD Pipeline Integration (Node.js, Python, etc.) Container Security Open Source License Compliance Infrastructure as Code (IaC) SecurityScenarios Where Snyk May Be Less Appropriate Scanning Proprietary or Custom Code for Unknown Vulnerabilities Complex Monorepos with Custom Build Tools Organizations Requiring Custom Security Rules Advanced Security Teams Needing Correlation and Deep Triage.

Incentivized

• Detects security vulnerabilities in source code with accuracy and detail.
• Integrates seamlessly with CI/CD pipelines, IDEs, and repositories.
• Provides clear reports and actionable fix recommendations for developers.

Incentivized

• Console built well and easy to understand
• Support is awesome
• Pulls in the exe information so that it is easy to allow the application to be ran as an admin

Incentivized

• Helps in dependency management
• SAST - Static Application Security Testing
• Infra Code Scan ( Terraform , Cloud Formation , Docker image scan)
• OSSG

Incentivized

• Scan duration
• False positives
• Integration with other tools like Jenkins comes with some inconveniences.

Incentivized

• The agent on the endpoint will sometimes fail to install or it will get corrupted. Nothing in the console that we can find tells us that there is an issue
• Create an agent that also works with the other products that you sell. If we have more than one product there is a chance that it may not work
• I really do not have a 3rd. This is a really good product

Incentivized

• The tool itself has many capabilities but using them operationally within the platform on a day to day basis for managing vulnerabilities is not a good experience.
• Our company was in desparate need of a tool to help us manage vulnerabilities so we could achieve a SOC 2 assurance report without findings.

Incentivized

Their API based customizations which I leveraged to create an ASPM package, which is developer friendly and can extend above the dashboard features, other ones are UI which is great and feels clutter free. Menu and navigation is also good so as support. Only drawback is sometimes scan takes longer which I feel so can be reduced

Incentivized

Extremely easy to use. Once we had a good idea of how it worked we had it up and running in about 2 weeks. It did take us nearly 9 months to get it installed and fully operational on all users endpoints that needed it. My admin on the team that runs the software loves it.

Incentivized

Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity.


Reports include fix recommendations, pull request suggestions, and links to remediation advice.

Incentivized

Checkmarx is easier to integrate with development tools and gives quick feedback during coding, which is helpful for developers. Veracode is more focused on scanning and reporting for compliance, but it’s more complex to set up. We chose Checkmarx because it fits better into our development process, offering faster scans and more useful suggestions for fixing problems

Incentivized

ME has many more applications that are in the database that will work. The cost was also much cheaper that is until we confronted the other vendor about us finding another product. At that point it was too late. We own other ME products and have found success in all of them

Incentivized

Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to inspector but that may be more based on how we have implemented both tools

Incentivized

• Improved ability to provide high level of IA confidence
• Improved confidence in application-level security

Incentivized

• This product will help us better secure our environment. That alone is a huge cost savings
• We have allowed users that were admins to still be able to install some software on their endpoints without having admin rights on the whole endpoint
• This product has woke up some in the department to look for applications that do not require admin rights.

Incentivized

• Increased developer experience
• Better productivity due to shift left as Vulnerabilities are caught earlier in the SDLC process
• Improved Vulnerability Management
• Common dashboard for various stages in CI/CD

Incentivized