# Semgrep, Snyk vs GitHub Comparison | | Semgrep | Snyk | GitHub | |---|---|---|---| | **Star Rating** | 4.6 out of 5 | 4.5 out of 5 | 4.7 out of 5 | | **Total Reviews** | 55 | 133 | 2,366 | | **Largest Market Segment** | Enterprise (46.3% of reviews) | Mid-Market (45.0% of reviews) | Small-Business (45.4% of reviews) | | **Entry Level Price** | Starting at $40.00 1 contributor Per Month | Free | $0.00 1 users | --- ## Top Pros & Cons ### Semgrep Pros: - Ease of Use (16 reviews) - Features (14 reviews) Cons: - Not User-Friendly (7 reviews) - Limited Features (6 reviews) ### Snyk Pros: - Easy Integrations (5 reviews) - Vulnerability Detection (5 reviews) Cons: - Expensive (3 reviews) - False Positives (3 reviews) ### GitHub Pros: - Features (124 reviews) - Ease of Use (111 reviews) Cons: - Complexity (47 reviews) - Learning Curve (45 reviews) --- ## Ratings Comparison | Rating | Semgrep | Snyk | GitHub | |---|---|---|---| | **Meets Requirements** | 8.8 (49 reviews) | 8.7 (95 reviews) | 9.3 (2043 reviews) | | **Ease of Use** | 9.1 (50 reviews) | 8.8 (96 reviews) | 8.7 (2065 reviews) | | **Ease of Setup** | 9.4 (37 reviews) | 9.1 (59 reviews) | 9.0 (676 reviews) | | **Ease of Admin** | 9.1 (22 reviews) | 8.9 (51 reviews) | 8.7 (457 reviews) | | **Quality of Support** | 8.8 (44 reviews) | 8.7 (80 reviews) | 8.7 (1634 reviews) | | **Has the product been a good partner in doing business?** | 9.6 (22 reviews) | 8.8 (48 reviews) | 8.9 (393 reviews) | | **Product Direction (% positive)** | 9.2 (45 reviews) | 8.8 (85 reviews) | 8.9 (1985 reviews) | --- ## Pricing ### Semgrep #### Entry-Level Pricing Plan: Semgrep Code, Supply Chain, and Secrets Detection Price: Starting at $40.00 1 contributor Per Month Description: Extensible AppSec for growing teams. Choose from Code (SAST), Supply Chain (SCA), and Secrets Detection to eliminate noise out of the box, streamline developer workflows, and give security teams full visibility. Key Features: - Choose from SAST, SCA, and Secrets Detection - Pro Rules and cross-file analysis - AI Assistant [Learn more about Semgrep](https://www.g2.com/products/semgrep/reviews) #### Free Trial Yes ### Snyk #### Entry-Level Pricing Plan: FREE - Limited Tests, Unlimited Developers Price: Free Description: For individual developers and small teams looking to secure while they build. Unlimited Developers. Key Features: - 200 Open Source tests per month - 100 Container tests per month - 300 IaC tests per month [Browse all 3 editions](https://www.g2.com/products/snyk/pricing) #### Free Trial No ### GitHub #### Entry-Level Pricing Plan: Free for Individuals and Organizations Price: $0.00 1 users Description: Basics for teams and developers Key Features: - Unlimited public/private repositories - Unlimited collaborators - 2,000 Actions minutes/month (Free for public repositories) [Browse all 3 editions](https://www.g2.com/products/github/pricing) #### Free Trial Yes --- ## Features Comparison By Category ### Application Release Orchestration | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.7/10 | 180 | #### Administration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Configuration Management** | Not enough data | Not enough data | 8.9 (143 reviews) | | **Access Control** | Not enough data | Not enough data | 9.1 (151 reviews) | | **Dashboards** | Not enough data | Not enough data | 8.6 (142 reviews) | #### Functionality | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Deployment Automation** | Not enough data | Not enough data | 8.9 (145 reviews) | | **Process Analytics** | Not enough data | Not enough data | 8.5 (127 reviews) | | **Plugins** | Not enough data | Not enough data | 8.8 (132 reviews) | | **APIs / Integrations** | Not enough data | Not enough data | 9.0 (147 reviews) | | **Feature Flags** | Not enough data | Not enough data | 8.2 (128 reviews) | #### Processes | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Pipelines** | Not enough data | Not enough data | 9.0 (144 reviews) | | **Orchestration** | Not enough data | Not enough data | 8.7 (138 reviews) | | **Workflow Visualization** | Not enough data | Not enough data | 8.6 (140 reviews) | ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **Semgrep** | 8.4/10 | 22 | | **Snyk** | 7.8/10 | 25 | | **GitHub** | 8.6/10 | 67 | #### Administration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **API / Integrations** | 9.0 (18 reviews) | 8.6 (22 reviews) | 9.0 (41 reviews) | | **Extensibility** | 8.2 (17 reviews) | 8.1 (18 reviews) | 8.8 (38 reviews) | #### Analysis | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Reporting and Analytics** | 8.4 (19 reviews) | 8.5 (23 reviews) | 8.3 (40 reviews) | | **Issue Tracking** | 9.2 (22 reviews) | 8.3 (22 reviews) | 8.7 (44 reviews) | | **Static Code Analysis** | 9.4 (22 reviews) | 8.7 (24 reviews) | 8.6 (41 reviews) | | **Code Analysis** | 9.2 (22 reviews) | 8.9 (21 reviews) | 8.9 (47 reviews) | #### Testing | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Command-Line Tools** | 8.7 (20 reviews) | 7.8 (18 reviews) | 9.0 (42 reviews) | | **Manual Testing** | Feature Not Available | 6.5 (14 reviews) | 8.3 (35 reviews) | | **Test Automation** | Feature Not Available | 7.8 (19 reviews) | 8.4 (37 reviews) | | **Compliance Testing** | 7.7 (17 reviews) | 8.1 (15 reviews) | 8.5 (33 reviews) | | **Black-Box Scanning** | 7.5 (18 reviews) | 6.2 (13 reviews) | 8.3 (32 reviews) | | **Detection Rate** | 8.1 (19 reviews) | 7.5 (19 reviews) | 8.6 (34 reviews) | | **False Positives** | 7.3 (21 reviews) | 6.4 (17 reviews) | 8.0 (32 reviews) | #### Agentic AI - Static Application Security Testing (SAST) | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Autonomous Task Execution** | 7.9 (11 reviews) | Not enough data | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Administration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **API / Integrations** | Feature Not Available | Not enough data | Not enough data | | **Extensibility** | Feature Not Available | Not enough data | Not enough data | #### Analysis | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Reporting and Analytics** | Not enough data | Not enough data | Not enough data | | **Issue Tracking** | Not enough data | Not enough data | Not enough data | | **Static Code Analysis** | Not enough data | Not enough data | Not enough data | | **Vulnerability Scan** | Not enough data | Not enough data | Not enough data | | **Code Analysis** | Not enough data | Not enough data | Not enough data | #### Testing | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Manual Testing** | Feature Not Available | Not enough data | Not enough data | | **Test Automation** | Feature Not Available | Not enough data | Not enough data | | **Compliance Testing** | Feature Not Available | Not enough data | Not enough data | | **Black-Box Scanning** | Not enough data | Not enough data | Not enough data | | **Detection Rate** | Not enough data | Not enough data | Not enough data | | **False Positives** | Not enough data | Not enough data | Not enough data | ### Container Security | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | 7.5/10 | 32 | | **GitHub** | N/A | N/A | #### Administration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Risk Scoring** | Not enough data | 8.4 (29 reviews) | Not enough data | | **Secrets Management** | Not enough data | Feature Not Available | Not enough data | | **Security Auditing** | Not enough data | 7.9 (26 reviews) | Not enough data | | **Configuration Management** | Not enough data | 7.5 (19 reviews) | Not enough data | #### Monitoring | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Continuous Image Assurance** | Not enough data | 8.0 (17 reviews) | Not enough data | | **Behavior Monitoring** | Not enough data | 6.5 (13 reviews) | Not enough data | | **Observability** | Not enough data | 7.1 (15 reviews) | Not enough data | #### Protection | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Dynamic Image Scanning** | Not enough data | 7.4 (16 reviews) | Not enough data | | **Runtime Protection** | Not enough data | 7.5 (17 reviews) | Not enough data | | **Workload Protection** | Not enough data | 7.4 (14 reviews) | Not enough data | | **Network Segmentation** | Not enough data | 6.9 (12 reviews) | Not enough data | ### Cloud Infrastructure Automation | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.8/10 | 122 | #### Administration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Administration Console** | Not enough data | Not enough data | 9.0 (91 reviews) | | **Task Management** | Not enough data | Not enough data | 8.9 (91 reviews) | | **Dashboards and Visualizations** | Not enough data | Not enough data | 8.6 (91 reviews) | | **Access Control** | Not enough data | Not enough data | 9.1 (97 reviews) | #### Automation | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Test Automation** | Not enough data | Not enough data | 8.8 (90 reviews) | | **Intelligent Automation** | Not enough data | Not enough data | 8.6 (83 reviews) | | **Release Automation** | Not enough data | Not enough data | 8.7 (91 reviews) | | **Automated Provisioning** | Not enough data | Not enough data | 8.8 (83 reviews) | #### IT Management | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Workflow Management** | Not enough data | Not enough data | 8.9 (94 reviews) | | **Infrastructure Management** | Not enough data | Not enough data | 8.8 (84 reviews) | | **IT Discovery** | Not enough data | Not enough data | 8.7 (79 reviews) | ### Vulnerability Scanner | Product | Score | Reviews | |---|---|---| | **Semgrep** | 8.1/10 | 12 | | **Snyk** | 8.1/10 | 43 | | **GitHub** | N/A | N/A | #### Performance | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Issue Tracking** | 8.2 (12 reviews) | 8.5 (36 reviews) | Not enough data | | **Detection Rate** | 8.0 (11 reviews) | 8.5 (40 reviews) | Not enough data | | **False Positives** | 8.0 (11 reviews) | 6.7 (32 reviews) | Not enough data | | **Automated Scans** | 9.0 (10 reviews) | 9.1 (41 reviews) | Not enough data | #### Network | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Compliance Testing** | 8.5 (10 reviews) | 8.1 (25 reviews) | Not enough data | | **Perimeter Scanning** | 7.8 (10 reviews) | 7.9 (19 reviews) | Not enough data | | **Configuration Monitoring** | 8.0 (10 reviews) | 8.2 (20 reviews) | Not enough data | #### Application | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Manual Application Testing** | Feature Not Available | 7.8 (17 reviews) | Not enough data | | **Static Code Analysis** | 8.9 (11 reviews) | 8.5 (34 reviews) | Not enough data | | **Black Box Testing** | 8.5 (11 reviews) | 7.4 (13 reviews) | Not enough data | #### Agentic AI - Vulnerability Scanner | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Autonomous Task Execution** | 6.9 (6 reviews) | Not enough data | Not enough data | | **Proactive Assistance** | 7.5 (6 reviews) | Not enough data | Not enough data | ### Continuous Delivery | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.8/10 | 307 | #### Functionality | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Deployment-Ready Staging** | Not enough data | Not enough data | 9.1 (249 reviews) | | **Integration** | Not enough data | Not enough data | 9.2 (259 reviews) | | **Extensible** | Not enough data | Not enough data | 8.8 (232 reviews) | #### Management | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Processes and Workflow** | Not enough data | Not enough data | 9.1 (246 reviews) | | **Reporting** | Not enough data | Not enough data | 8.4 (229 reviews) | | **Automation** | Not enough data | Not enough data | 9.0 (252 reviews) | #### Agentic AI - Continuous Delivery | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | 9.1 (26 reviews) | | **Cross-system Integration** | Not enough data | Not enough data | 8.8 (24 reviews) | | **Adaptive Learning** | Not enough data | Not enough data | 8.6 (21 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 8.6 (23 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 8.8 (23 reviews) | ### Bug Tracking | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.8/10 | 237 | #### Bug Reporting | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **User Reports & Feedback** | Not enough data | Not enough data | 8.9 (192 reviews) | | **Tester Reports & Feedback** | Not enough data | Not enough data | 8.8 (185 reviews) | | **Team Reports & Comments** | Not enough data | Not enough data | 9.0 (190 reviews) | #### Bug Monitoring | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Analytics** | Not enough data | Not enough data | 8.4 (183 reviews) | | **Bug History** | Not enough data | Not enough data | 8.9 (203 reviews) | | **Data Retention** | Not enough data | Not enough data | 9.0 (178 reviews) | #### Agentic AI - Bug Tracking | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | 9.1 (20 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 9.0 (20 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 8.7 (19 reviews) | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **Semgrep** | 8.4/10 | 18 | | **Snyk** | 8.4/10 | 38 | | **GitHub** | 8.8/10 | 92 | #### Functionality - Software Composition Analysis | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Language Support** | 8.4 (18 reviews) | 8.1 (24 reviews) | 8.8 (65 reviews) | | **Integration** | 8.2 (18 reviews) | 8.8 (31 reviews) | 9.0 (70 reviews) | | **Transparency** | 8.5 (18 reviews) | 8.3 (31 reviews) | 9.1 (70 reviews) | #### Effectiveness - Software Composition Analysis | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Remediation Suggestions** | 8.5 (18 reviews) | 8.3 (33 reviews) | 8.7 (67 reviews) | | **Continuous Monitoring** | 8.3 (18 reviews) | 8.7 (30 reviews) | 9.0 (70 reviews) | | **Thorough Detection** | 8.3 (18 reviews) | 8.2 (33 reviews) | 8.8 (69 reviews) | ### DevOps Platforms | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.9/10 | 195 | #### Management | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Configuration Management** | Not enough data | Not enough data | 8.9 (138 reviews) | | **Access Control** | Not enough data | Not enough data | 9.1 (149 reviews) | | **Orchestration** | Not enough data | Not enough data | 8.6 (131 reviews) | #### Functionality | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Automation** | Not enough data | Not enough data | 8.9 (148 reviews) | | **Integrations** | Not enough data | Not enough data | 8.9 (141 reviews) | | **Extensibility** | Not enough data | Not enough data | 8.6 (127 reviews) | #### Processes | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Pipeline Control** | Not enough data | Not enough data | 8.9 (139 reviews) | | **Workflow Visualization** | Not enough data | Not enough data | 8.8 (130 reviews) | | **Continuous Deployment** | Not enough data | Not enough data | 9.1 (149 reviews) | ### Continuous Integration | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | 8.5/10 | 268 | #### Functionality | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Integrations** | Not enough data | Not enough data | 9.3 (228 reviews) | | **Extensibility** | Not enough data | Not enough data | 8.9 (210 reviews) | | **Test Customization** | Not enough data | Not enough data | 8.6 (202 reviews) | #### Management | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Automation** | Not enough data | Not enough data | 8.9 (222 reviews) | | **Processes and Workflow** | Not enough data | Not enough data | 8.9 (217 reviews) | | **Reporting** | Not enough data | Not enough data | 8.3 (205 reviews) | #### Agentic AI - Continuous Integration | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | 8.3 (25 reviews) | | **Cross-system Integration** | Not enough data | Not enough data | 8.8 (30 reviews) | | **Adaptive Learning** | Not enough data | Not enough data | 8.5 (24 reviews) | | **Natural Language Interaction** | Not enough data | Not enough data | 7.7 (27 reviews) | | **Proactive Assistance** | Not enough data | Not enough data | 8.3 (26 reviews) | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **Semgrep** | 8.4/10 | 21 | | **Snyk** | N/A | N/A | | **GitHub** | 8.6/10 | 216 | #### Documentation | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Feedback** | 8.9 (19 reviews) | Not enough data | 8.7 (181 reviews) | | **Prioritization** | 9.3 (20 reviews) | Not enough data | 8.7 (170 reviews) | | **Remediation Suggestions** | 8.2 (20 reviews) | Not enough data | 8.6 (164 reviews) | #### Security | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **False Positives** | 7.4 (21 reviews) | Not enough data | 8.2 (159 reviews) | | **Custom Compliance** | 7.9 (17 reviews) | Not enough data | 8.5 (161 reviews) | | **Agility** | 8.9 (17 reviews) | Not enough data | 9.0 (173 reviews) | ### Software Supply Chain Security Tools | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Security | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Tampering** | Not enough data | Not enough data | Not enough data | | **Malicious Code** | Not enough data | Not enough data | Not enough data | | **Verification** | Not enough data | Not enough data | Not enough data | | **Security Risks** | Not enough data | Not enough data | Not enough data | #### Tracking | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Bill of Materials** | Not enough data | Not enough data | Not enough data | | **Audit Trails** | Not enough data | Not enough data | Not enough data | | **Monitoring** | Not enough data | Not enough data | Not enough data | ### Software Bill of Materials (SBOM) | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Functionality - Software Bill of Materials (SBOM) | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Format Support** | Not enough data | Not enough data | Not enough data | | **Annotations** | Not enough data | Not enough data | Not enough data | | **Attestation** | Not enough data | Not enough data | Not enough data | #### Management - Software Bill of Materials (SBOM) | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Monitoring** | Not enough data | Not enough data | Not enough data | | **Dashboards** | Not enough data | Not enough data | Not enough data | | **User Provisioning** | Not enough data | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **Semgrep** | 7.7/10 | 10 | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Agentic AI - Static Code Analysis | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Adaptive Learning** | 7.7 (10 reviews) | Not enough data | Not enough data | | **Natural Language Interaction** | 7.6 (9 reviews) | Not enough data | Not enough data | | **Proactive Assistance** | 7.7 (10 reviews) | Not enough data | Not enough data | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Remediation** | Not enough data | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Stack Integration** | Not enough data | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | Not enough data | ### Interactive Application Security Testing (IAST) | Product | Score | Reviews | |---|---|---| | **Semgrep** | N/A | N/A | | **Snyk** | N/A | N/A | | **GitHub** | N/A | N/A | #### Agentic AI - Interactive Application Security Testing (IAST) | Feature | Semgrep | Snyk | GitHub | |---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | --- ## Categories **Shared Categories (2):** [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast) **Unique to Semgrep (6):** [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) **Unique to Snyk (5):** [Software Supply Chain Security Solutions](https://www.g2.com/categories/software-supply-chain-security-tools), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Container Security Tools](https://www.g2.com/categories/container-security-tools), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom) **Unique to GitHub (12):** [DevOps Platforms](https://www.g2.com/categories/devops-platforms), [Cloud Infrastructure Automation Software](https://www.g2.com/categories/cloud-infrastructure-automation), [Application Release Orchestration (ARO) Tools](https://www.g2.com/categories/application-release-orchestration), [Version Control Hosting Software](https://www.g2.com/categories/version-control-hosting), [Peer Code Review Software](https://www.g2.com/categories/peer-code-review), [Continuous Delivery Tools](https://www.g2.com/categories/continuous-delivery-tools), [Gaming Tools ](https://www.g2.com/categories/gaming-tools), [Bug Tracking Software](https://www.g2.com/categories/bug-tracking), [Configuration Management Tools](https://www.g2.com/categories/configuration-management), [Continuous Integration Tools](https://www.g2.com/categories/continuous-integration), [Build Automation Software](https://www.g2.com/categories/build-automation), [Secure Code Review Software](https://www.g2.com/categories/secure-code-review) --- ## Reviewer Demographics ### By Company Size | Segment | Semgrep | Snyk | GitHub | |---|---|---|---| | **Small-Business** | 11.1% | 35.1% | 45.4% | | **Mid-Market** | 42.6% | 45.0% | 30.7% | | **Enterprise** | 46.3% | 19.8% | 23.9% | ### By Industry #### Semgrep - **Information Technology and Services:** 24.1% - **Computer Software:** 20.4% - **Financial Services:** 16.7% - **Computer & Network Security:** 5.6% - **Semiconductors:** 5.6% - **Manufacturing:** 5.6% - **Insurance:** 3.7% - **International Affairs:** 1.9% - **Information Services:** 1.9% - **Hospital & Health Care:** 1.9% - **Other:** 13.0% #### Snyk - **Computer Software:** 22.1% - **Information Technology and Services:** 20.6% - **Computer & Network Security:** 9.2% - **Hospital & Health Care:** 6.1% - **Financial Services:** 5.3% - **Telecommunications:** 3.1% - **Banking:** 3.1% - **Education Management:** 2.3% - **Internet:** 2.3% - **Retail:** 1.5% - **Other:** 24.4% #### GitHub - **Computer Software:** 32.3% - **Information Technology and Services:** 22.5% - **Internet:** 6.5% - **Financial Services:** 3.2% - **Higher Education:** 3.2% - **Marketing and Advertising:** 2.5% - **Education Management:** 2.1% - **Program Development:** 1.7% - **Computer & Network Security:** 1.6% - **Research:** 1.3% - **Other:** 23.0% --- ## Alternatives ### Alternatives to Semgrep - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (145 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (896 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (813 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Replit](https://www.g2.com/products/replit/reviews) — 4.5/5 stars (361 reviews) - [GitHub Copilot](https://www.g2.com/products/github-copilot/reviews) — 4.5/5 stars (332 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (314 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (302 reviews) - [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews) — 4.7/5 stars (292 reviews) - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) ### Alternatives to Snyk - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) - [Mend.io](https://www.g2.com/products/mend-io/reviews) — 4.3/5 stars (112 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (26 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (813 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (145 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (896 reviews) - [SOOS](https://www.g2.com/products/soos/reviews) — 4.6/5 stars (42 reviews) - [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) — 4.4/5 stars (386 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (314 reviews) - [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) — 4.1/5 stars (116 reviews) ### Alternatives to GitHub - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (896 reviews) - [Harness Platform](https://www.g2.com/products/harness-platform/reviews) — 4.6/5 stars (281 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Jenkins](https://www.g2.com/products/jenkins/reviews) — 4.4/5 stars (567 reviews) - [CircleCI](https://www.g2.com/products/circleci/reviews) — 4.4/5 stars (509 reviews) - [CloudBees](https://www.g2.com/products/cloudbees/reviews) — 4.4/5 stars (622 reviews) - [Azure DevOps Server](https://www.g2.com/products/azure-devops-server/reviews) — 4.2/5 stars (198 reviews) - [Bitbucket](https://www.g2.com/products/bitbucket/reviews) — 4.4/5 stars (1012 reviews) - [Copado DevOps](https://www.g2.com/products/copado-devops/reviews) — 4.4/5 stars (329 reviews) - [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews) — 4.7/5 stars (292 reviews) --- ## Top Discussions ### Semgrep No discussions available for this product. ### Snyk - Title: [What is Snyk scanning?](https://www.g2.com/discussions/what-is-snyk-scanning) — 2 comments, 2 upvotes > **Top comment:** "Codebase and open source libraries" - Title: [Is Snyk a SaaS?](https://www.g2.com/discussions/is-snyk-a-saas) — 2 comments > **Top comment:** "No" - Title: [How good is Snyk?](https://www.g2.com/discussions/how-good-is-snyk) — 2 comments > **Top comment:** "very. it's basically like dependabot, but more fleshed out" ### GitHub - Title: [What is GitHub used for?](https://www.g2.com/discussions/what-is-github-used-for) — 8 comments, 4 upvotes > **Top comment:** "- store software source code - use actions to execute CI / CD and publish artefacts / create releases - lightweight software project management" - Title: [What can GitHub be used for?](https://www.g2.com/discussions/what-can-github-be-used-for) — 5 comments > **Top comment:** "To have a storage for my main projects." - Title: [How is GitHub shaping the landscape of collaborative software development and version control?](https://www.g2.com/discussions/how-is-github-shaping-the-landscape-of-collaborative-software-development-and-version-control) — 4 comments > **Top comment:** "GitHub provides a platform for developers across the world to collaborate on projects, regardless of their location. It has become a vital tool for..." - Title: [What does GitHub mean?](https://www.g2.com/discussions/what-does-github-mean) — 2 comments > **Top comment:** "pandora of Codes, All useful codes developed by coders around the globe are here." - Title: [How can we make git merge easier to avoid conflicts](https://www.g2.com/discussions/how-can-we-make-git-merge-easier-to-avoid-conflicts) — 1 comment, 1 upvote > **Top comment:** "Rebase the brach you want to merge with the branch you are merging into berforehand " --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/semgrep-vs-snyk-vs-github)