Snyk (sneek)
January 20, 2023

Snyk (sneek)

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Software Version

Snyk Enterprise

Overall Satisfaction with Snyk

We use Snyk as a mandatory pre-deployment test that is run on all pipelines before code can be sent to production. Any vulnerabilities identified are raised as tickets in Jira and assigned to the relevant team for remediation with a link to the relevant Synk page for more details on the vulnerability and how it can be fixed.This is then linked to our internal processes on how quickly the vulnerability needs to be remediated based on the CVSS score.

Pros

  • Reliable
  • Up to date
  • Easy to use
  • Clear guidance

Cons

  • Its a bit costly
  • Mapping CVSS
  • integrations with other tools
  • Security it hard to quantify but it regularly highlights vulnerabilities that need to be fixed.
  • We would not be able to successfully perform CICD without Snyk
Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to inspector but that may be more based on how we have implemented both tools.

Do you think Snyk delivers good value for the price?

Yes

Are you happy with Snyk's feature set?

Yes

Did Snyk live up to sales and marketing promises?

I wasn't involved with the selection/purchase process

Did implementation of Snyk go as expected?

I wasn't involved with the implementation phase

Would you buy Snyk again?

Yes

Snyk is great for monitoring library vulnerabilities which would be very difficult to keep on top of without a tool like this. We integrate it with our deployment pipelines in Gitlab to run on all the applications that are then deployed to AWS.

There is some overlap with the SAST checks that are performed by Amazon Inspector but neither covers the whole spectrum of what we need so we currently need to use both but Snyk is a key part of our defence in depth strategy.

Comments

More Reviews of Snyk