Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)
N/A
Snyk
Score 8.6 out of 10
N/A
Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to cloud, driving developer productivity, revenue growth, customer satisfaction, cost savings and an improved security posture. The vendor states Snyk is used by 1,200 customers worldwide today, including…
$0
Trend Micro Deep Security
Score 8.4 out of 10
N/A
Trend Micro™ Deep Security™ software provides comprehensive security for virtual, cloud, and container environments. Deep Security allows for consistent security regardless of the workload. It also provides a rich set of application programming interfaces (APIs) so security can be automated.
N/A
Pricing
Checkmarx
Snyk
Trend Micro Deep Security
Editions & Modules
No answers on this topic
Free
$0
Team (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$23
per month per user
Business (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$42
per month per user
Team (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$98
per month per user
Business (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$178
per month per user
Enterprise
Contact Sales
No answers on this topic
Offerings
Pricing Offerings
Checkmarx
Snyk
Trend Micro Deep Security
Free Trial
No
Yes
No
Free/Freemium Version
No
Yes
No
Premium Consulting/Integration Services
No
No
No
Entry-level Setup Fee
No setup fee
No setup fee
No setup fee
Additional Details
—
Pricing is dependent on the number of developers selected, the number of products selected, and the payment term selected. Please visit the Snyk plans page for an interactive pricing calculator.
If you are going with SAST process or want to improve overall security posture then go for it like integrating it with post deployment steps. If you are more concerned about proactive controls better choose other options such as pee-commit hooks and CI security. Also choose other tools for DAST and API scans.
Scenarios Where Snyk Is Well-Suited CI/CD Pipeline Integration (Node.js, Python, etc.) Container Security Open Source License Compliance Infrastructure as Code (IaC) SecurityScenarios Where Snyk May Be Less Appropriate Scanning Proprietary or Custom Code for Unknown Vulnerabilities Complex Monorepos with Custom Build Tools Organizations Requiring Custom Security Rules Advanced Security Teams Needing Correlation and Deep Triage.
Hypervisor based agentless security this product excels at. It provides thorough protection for your VM's. The web filtering product that comes with it also does a great job filtering out malicious websites from being accessed by users with a very user friendly prompt that they are going to a website which has been found to be malicious. This is particularly useful when it comes to VDI.
The tool itself has many capabilities but using them operationally within the platform on a day to day basis for managing vulnerabilities is not a good experience.
Our company was in desparate need of a tool to help us manage vulnerabilities so we could achieve a SOC 2 assurance report without findings.
Trend Micro has very little room for improvement. I am using version 9.6 at this time and it is extremely reliable. Some of the upgrades were not completely intuitive, but in those cases Deep Security support came through with documentation that covered all the bases.
Their API based customizations which I leveraged to create an ASPM package, which is developer friendly and can extend above the dashboard features, other ones are UI which is great and feels clutter free. Menu and navigation is also good so as support. Only drawback is sometimes scan takes longer which I feel so can be reduced
Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity.
Reports include fix recommendations, pull request suggestions, and links to remediation advice.
Trend Micro's support is pretty decent, we have had issues in the past and they have been fairly responsive to us and our complaints. Depending on how severe the issue was. Any ticket that had a high priority was handled very shortly especially when we contacted our account rep even if it was after hours, we were still able to get support within a short time period.
Checkmarx is easier to integrate with development tools and gives quick feedback during coding, which is helpful for developers. Veracode is more focused on scanning and reporting for compliance, but it’s more complex to set up. We chose Checkmarx because it fits better into our development process, offering faster scans and more useful suggestions for fixing problems
Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to inspector but that may be more based on how we have implemented both tools
We selected trend micro to take the AV scans and filtering out of the hands of the Windows and Linux vm's we have deployed and move it to the hypervisor level. This has led us to be able to deploy only a single DSVA per host and can protect all VM"s that are on that hosts. This has allowed for more time being spent on other priority security tasks.
100% positive ROI. Without Deep Security we would have to leverage and endpoint protection management solution like Sophos or SEPM (Symantec). Although both are good products, from a cost perspective it would have hit us much harder. Trend Micro Deep Security scales very nicely.
Since Deep Security actually has zero (or at least unnoticeable) resource footprint on monitored VMs, it is a huge cost benefit for us. As previously mentioned, actual antivirus clients installed on each virtual machine (VM) would have significantly affected performance. This would have cost us much more additionally in paying for additional resources to allocate over VMs in the VMware environment. Deep Security is almost completely unintrusive from a resource perspective.
Also, from a layered security perspective, it helps us meet our goals; and since the price of Trend Micro Deep Security quite reasonable, it is that much easier to get approval for this specific internal layer of security.