# SOOS, Snyk, Mend.io vs Veracode Application Security Platform Comparison | | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Star Rating** | 4.6 out of 5 | 4.5 out of 5 | 4.3 out of 5 | 3.8 out of 5 | | **Total Reviews** | 42 | 132 | 112 | 26 | | **Largest Market Segment** | Mid-Market (53.8% of reviews) | Mid-Market (45.4% of reviews) | Small-Business (39.0% of reviews) | Enterprise (50.0% of reviews) | | **Entry Level Price** | Free | Free | $300.00 1 Contributing Developer (CDs) Per Year | No pricing available | --- ## Top Pros & Cons ### SOOS Pros: - Ease of Use (8 reviews) - Easy Integrations (6 reviews) Cons: - Inadequate Reporting (4 reviews) - Poor Reporting (4 reviews) ### Snyk Pros: - Easy Integrations (5 reviews) - Vulnerability Detection (5 reviews) Cons: - Expensive (3 reviews) - False Positives (3 reviews) ### Mend.io Pros: - Scanning Efficiency (8 reviews) - Ease of Use (7 reviews) Cons: - Integration Issues (6 reviews) - Limited Features (3 reviews) ### Veracode Application Security Platform Pros: - Security (5 reviews) - Vulnerability Detection (5 reviews) Cons: - Expensive (2 reviews) - Lack of Information (2 reviews) --- ## Ratings Comparison | Rating | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Meets Requirements** | 8.8 (29 reviews) | 8.7 (94 reviews) | 8.6 (81 reviews) | 8.1 (19 reviews) | | **Ease of Use** | 9.3 (32 reviews) | 8.8 (95 reviews) | 8.3 (82 reviews) | 7.3 (20 reviews) | | **Ease of Setup** | 9.1 (19 reviews) | 9.1 (58 reviews) | 8.1 (50 reviews) | 6.3 (8 reviews) | | **Ease of Admin** | 9.3 (18 reviews) | 8.9 (51 reviews) | 8.2 (50 reviews) | 7.4 (7 reviews) | | **Quality of Support** | 9.3 (24 reviews) | 8.7 (79 reviews) | 8.7 (67 reviews) | 8.0 (18 reviews) | | **Has the product been a good partner in doing business?** | 9.1 (17 reviews) | 8.8 (48 reviews) | 8.8 (46 reviews) | 7.9 (7 reviews) | | **Product Direction (% positive)** | 9.6 (30 reviews) | 8.8 (84 reviews) | 8.6 (75 reviews) | 6.3 (19 reviews) | --- ## Pricing ### SOOS #### Entry-Level Pricing Plan: SOOS Community Edition Price: Free Description: Our no-hassle enrollment process and easy-to-setup GitHub integration, brings practical supply chain security to the masses. Use our SCA tool with any public GitHub repository! Key Features: - All features of SOOS SCA - Scan Node, Ruby, Python, Java, & more (17 pkg managers and languages) - Robust license policies [Browse all 3 editions](https://www.g2.com/products/soos/pricing) #### Free Trial Yes ### Snyk #### Entry-Level Pricing Plan: FREE - Limited Tests, Unlimited Developers Price: Free Description: For individual developers and small teams looking to secure while they build. Unlimited Developers. Key Features: - 200 Open Source tests per month - 100 Container tests per month - 300 IaC tests per month [Browse all 3 editions](https://www.g2.com/products/snyk/pricing) #### Free Trial No ### Mend.io #### Entry-Level Pricing Plan: Mend AI Premium Price: $300.00 1 Contributing Developer (CDs) Per Year Description: Secure AI powered applications.
 AI red teaming, prompt hardening & more Key Features: - AI component inventory - AI component risk insights - System Prompt Hardening [Browse all 3 editions](https://www.g2.com/products/mend-io/pricing) #### Free Trial Yes ### Veracode Application Security Platform #### Entry-Level Pricing No pricing available #### Free Trial No information available --- ## Features Comparison By Category ### Penetration Testing | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Administration | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **API / Integrations** | Not enough data | Not enough data | Not enough data | Not enough data | | **Extensibility** | Not enough data | Not enough data | Not enough data | Not enough data | | **Reporting and Analytics** | Not enough data | Not enough data | Not enough data | Not enough data | #### Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Issue Tracking** | Not enough data | Not enough data | Not enough data | Not enough data | | **Reconnaissance** | Not enough data | Not enough data | Not enough data | Not enough data | | **Vulnerability Scan** | Not enough data | Not enough data | Not enough data | Not enough data | #### Testing | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Command-Line Tools** | Not enough data | Not enough data | Not enough data | Not enough data | | **Manual Testing** | Not enough data | Not enough data | Not enough data | Not enough data | | **Test Automation** | Not enough data | Not enough data | Not enough data | Not enough data | | **Performance and Reliability** | Not enough data | Not enough data | Not enough data | Not enough data | ### Static Application Security Testing (SAST) | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | 7.8/10 | 25 | | **Mend.io** | 7.3/10 | 15 | | **Veracode Application Security Platform** | N/A | N/A | #### Administration | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **API / Integrations** | Not enough data | 8.6 (22 reviews) | 7.6 (7 reviews) | Not enough data | | **Extensibility** | Not enough data | 8.1 (18 reviews) | 7.7 (8 reviews) | Not enough data | #### Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Reporting and Analytics** | Not enough data | 8.5 (23 reviews) | 7.3 (11 reviews) | Not enough data | | **Issue Tracking** | Not enough data | 8.3 (22 reviews) | 7.6 (11 reviews) | Not enough data | | **Static Code Analysis** | Not enough data | 8.7 (24 reviews) | 8.2 (11 reviews) | Not enough data | | **Code Analysis** | Not enough data | 8.9 (21 reviews) | 7.6 (11 reviews) | Not enough data | #### Testing | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Command-Line Tools** | Not enough data | 7.8 (18 reviews) | 7.2 (10 reviews) | Not enough data | | **Manual Testing** | Not enough data | 6.5 (14 reviews) | Feature Not Available | Not enough data | | **Test Automation** | Not enough data | 7.8 (19 reviews) | 7.2 (9 reviews) | Not enough data | | **Compliance Testing** | Not enough data | 8.1 (15 reviews) | 7.7 (10 reviews) | Not enough data | | **Black-Box Scanning** | Not enough data | 6.2 (13 reviews) | Not enough data | Not enough data | | **Detection Rate** | Not enough data | 7.5 (19 reviews) | 7.4 (9 reviews) | Not enough data | | **False Positives** | Not enough data | 6.4 (17 reviews) | 5.0 (9 reviews) | Not enough data | #### Agentic AI - Static Application Security Testing (SAST) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **SOOS** | 8.4/10 | 14 | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | 8.5/10 | 8 | #### Administration | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **API / Integrations** | 7.4 (9 reviews) | Not enough data | Not enough data | 7.9 (7 reviews) | | **Extensibility** | 8.3 (7 reviews) | Not enough data | Not enough data | 9.2 (6 reviews) | #### Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Reporting and Analytics** | 7.6 (12 reviews) | Not enough data | Not enough data | 8.3 (7 reviews) | | **Issue Tracking** | 8.6 (11 reviews) | Not enough data | Not enough data | 8.3 (5 reviews) | | **Static Code Analysis** | 9.0 (8 reviews) | Not enough data | Not enough data | 9.3 (7 reviews) | | **Vulnerability Scan** | 9.0 (13 reviews) | Not enough data | Not enough data | 9.0 (8 reviews) | | **Code Analysis** | Not enough data | Not enough data | Not enough data | 8.6 (6 reviews) | #### Testing | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Manual Testing** | Feature Not Available | Not enough data | Not enough data | Not enough data | | **Test Automation** | 9.4 (8 reviews) | Not enough data | Not enough data | 9.0 (5 reviews) | | **Compliance Testing** | 8.9 (6 reviews) | Not enough data | Not enough data | Not enough data | | **Black-Box Scanning** | 9.3 (9 reviews) | Not enough data | Not enough data | 8.3 (5 reviews) | | **Detection Rate** | 8.9 (11 reviews) | Not enough data | Not enough data | 8.0 (5 reviews) | | **False Positives** | 6.1 (9 reviews) | Not enough data | Not enough data | 7.8 (6 reviews) | ### Container Security | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | 7.5/10 | 32 | | **Mend.io** | 8.3/10 | 14 | | **Veracode Application Security Platform** | N/A | N/A | #### Administration | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Risk Scoring** | Not enough data | 8.4 (29 reviews) | 8.3 (7 reviews) | Not enough data | | **Secrets Management** | Not enough data | Feature Not Available | Feature Not Available | Not enough data | | **Security Auditing** | Not enough data | 7.9 (26 reviews) | 9.1 (9 reviews) | Not enough data | | **Configuration Management** | Not enough data | 7.5 (19 reviews) | 8.0 (10 reviews) | Not enough data | #### Monitoring | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Continuous Image Assurance** | Not enough data | 8.0 (17 reviews) | Feature Not Available | Not enough data | | **Behavior Monitoring** | Not enough data | 6.5 (13 reviews) | Feature Not Available | Not enough data | | **Observability** | Not enough data | 7.1 (15 reviews) | Feature Not Available | Not enough data | #### Protection | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Dynamic Image Scanning** | Not enough data | 7.4 (16 reviews) | 7.9 (8 reviews) | Not enough data | | **Runtime Protection** | Not enough data | 7.5 (17 reviews) | Feature Not Available | Not enough data | | **Workload Protection** | Not enough data | 7.4 (14 reviews) | Feature Not Available | Not enough data | | **Network Segmentation** | Not enough data | 6.9 (12 reviews) | Feature Not Available | Not enough data | ### Vulnerability Scanner | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | 8.1/10 | 43 | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Performance | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Issue Tracking** | Not enough data | 8.5 (36 reviews) | Not enough data | Not enough data | | **Detection Rate** | Not enough data | 8.5 (40 reviews) | Not enough data | Not enough data | | **False Positives** | Not enough data | 6.7 (32 reviews) | Not enough data | Not enough data | | **Automated Scans** | Not enough data | 9.1 (41 reviews) | Not enough data | Not enough data | #### Network | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Compliance Testing** | Not enough data | 8.1 (25 reviews) | Not enough data | Not enough data | | **Perimeter Scanning** | Not enough data | 7.9 (19 reviews) | Feature Not Available | Not enough data | | **Configuration Monitoring** | Not enough data | 8.2 (20 reviews) | Not enough data | Not enough data | #### Application | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Manual Application Testing** | Not enough data | 7.8 (17 reviews) | Feature Not Available | Not enough data | | **Static Code Analysis** | Not enough data | 8.5 (34 reviews) | Not enough data | Not enough data | | **Black Box Testing** | Not enough data | 7.4 (13 reviews) | Not enough data | Not enough data | #### Agentic AI - Vulnerability Scanner | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | Not enough data | Not enough data | ### Software Composition Analysis | Product | Score | Reviews | |---|---|---| | **SOOS** | 9.3/10 | 19 | | **Snyk** | 8.4/10 | 37 | | **Mend.io** | 8.5/10 | 53 | | **Veracode Application Security Platform** | N/A | N/A | #### Functionality - Software Composition Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Language Support** | 9.5 (11 reviews) | 8.1 (24 reviews) | 8.5 (45 reviews) | Not enough data | | **Integration** | 9.5 (18 reviews) | 8.7 (30 reviews) | 8.5 (47 reviews) | Not enough data | | **Transparency** | 9.3 (15 reviews) | 8.3 (31 reviews) | 8.6 (44 reviews) | Not enough data | #### Effectiveness - Software Composition Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Remediation Suggestions** | 8.9 (15 reviews) | 8.3 (32 reviews) | 8.2 (45 reviews) | Not enough data | | **Continuous Monitoring** | 9.4 (16 reviews) | 8.7 (30 reviews) | 8.8 (44 reviews) | Not enough data | | **Thorough Detection** | 9.1 (16 reviews) | 8.2 (32 reviews) | 8.6 (45 reviews) | Not enough data | ### Secure Code Review | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Documentation | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Feedback** | Not enough data | Not enough data | Not enough data | Not enough data | | **Prioritization** | Not enough data | Not enough data | Not enough data | Not enough data | | **Remediation Suggestions** | Not enough data | Not enough data | Not enough data | Not enough data | #### Security | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **False Positives** | Not enough data | Not enough data | Not enough data | Not enough data | | **Custom Compliance** | Not enough data | Not enough data | Not enough data | Not enough data | | **Agility** | Not enough data | Not enough data | Not enough data | Not enough data | ### Software Supply Chain Security Tools | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Security | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Tampering** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Malicious Code** | Not enough data | Not enough data | Not enough data | Not enough data | | **Verification** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Security Risks** | Not enough data | Not enough data | Not enough data | Not enough data | #### Tracking | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Bill of Materials** | Not enough data | Not enough data | Not enough data | Not enough data | | **Audit Trails** | Not enough data | Not enough data | Not enough data | Not enough data | | **Monitoring** | Not enough data | Not enough data | Not enough data | Not enough data | ### Application Security Posture Management (ASPM) | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Risk management - Application Security Posture Management (ASPM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Vulnerability Management** | Not enough data | Not enough data | Not enough data | Not enough data | | **Risk Assessment and Prioritization** | Not enough data | Not enough data | Not enough data | Not enough data | | **Compliance Management** | Not enough data | Not enough data | Not enough data | Not enough data | | **Policy Enforcement** | Not enough data | Not enough data | Not enough data | Not enough data | #### Integration and efficiency - Application Security Posture Management (ASPM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Integration with Development Tools** | Not enough data | Not enough data | Not enough data | Not enough data | | **Automation and Efficiency** | Not enough data | Not enough data | Not enough data | Not enough data | #### Reporting and Analytics - Application Security Posture Management (ASPM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Trend Analysis** | Not enough data | Not enough data | Not enough data | Not enough data | | **Risk Scoring** | Not enough data | Not enough data | Not enough data | Not enough data | | **Customizable Dashboards** | Not enough data | Not enough data | Not enough data | Not enough data | #### Agentic AI - Application Security Posture Management (ASPM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | Not enough data | Not enough data | ### Software Bill of Materials (SBOM) | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Functionality - Software Bill of Materials (SBOM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Format Support** | Not enough data | Not enough data | Not enough data | Not enough data | | **Annotations** | Not enough data | Not enough data | Not enough data | Not enough data | | **Attestation** | Not enough data | Not enough data | Not enough data | Not enough data | #### Management - Software Bill of Materials (SBOM) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Monitoring** | Not enough data | Not enough data | Not enough data | Not enough data | | **Dashboards** | Not enough data | Not enough data | Not enough data | Not enough data | | **User Provisioning** | Not enough data | Not enough data | Not enough data | Not enough data | ### Static Code Analysis | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Agentic AI - Static Code Analysis | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Adaptive Learning** | Not enough data | Not enough data | Not enough data | Not enough data | | **Natural Language Interaction** | Not enough data | Not enough data | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | Not enough data | Not enough data | ### AI Security Solutions | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Model Protection - AI Security Solutions | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Input Hardening** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Input/Output Inspection** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Integrity Monitoring** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Model Access Control** | Not enough data | Not enough data | Feature Not Available | Not enough data | #### Runtime Monitoring - AI Security Solutions | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **AI Behavior Anomaly Detection** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Audit Trail** | Not enough data | Not enough data | Feature Not Available | Not enough data | #### Policy Enforcement and Compliance - AI Security Solutions | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Scalable Governance** | Not enough data | Not enough data | Not enough data | Not enough data | | **Integrations** | Not enough data | Not enough data | Feature Not Available | Not enough data | | **Shadow AI** | Not enough data | Not enough data | Not enough data | Not enough data | | **Policy‑as‑Code for AI Assets** | Not enough data | Not enough data | Not enough data | Not enough data | ### AI AppSec Assistants | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Performance - AI AppSec Assistants | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Remediation** | Not enough data | Not enough data | Not enough data | Not enough data | | **Real-time Vulnerability Detection** | Not enough data | Not enough data | Not enough data | Not enough data | | **Accuracy** | Not enough data | Not enough data | Not enough data | Not enough data | #### Integration - AI AppSec Assistants | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Stack Integration** | Not enough data | Not enough data | Not enough data | Not enough data | | **Workflow Integration** | Not enough data | Not enough data | Not enough data | Not enough data | | **Codebase Contextual Awareness** | Not enough data | Not enough data | Not enough data | Not enough data | ### Cloud Security | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Cloud Visibility | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Data Discovery** | Not enough data | Not enough data | Not enough data | Not enough data | | **Cloud Registry** | Not enough data | Not enough data | Not enough data | Not enough data | | **Cloud Gap Analytics** | Not enough data | Not enough data | Not enough data | Not enough data | #### Security | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Data Security** | Not enough data | Not enough data | Not enough data | Not enough data | | **Data loss Prevention** | Not enough data | Not enough data | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | Not enough data | Not enough data | #### Identity | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **SSO** | Not enough data | Not enough data | Not enough data | Not enough data | | **Governance** | Not enough data | Not enough data | Not enough data | Not enough data | | **User Analytics** | Not enough data | Not enough data | Not enough data | Not enough data | ### Interactive Application Security Testing (IAST) | Product | Score | Reviews | |---|---|---| | **SOOS** | N/A | N/A | | **Snyk** | N/A | N/A | | **Mend.io** | N/A | N/A | | **Veracode Application Security Platform** | N/A | N/A | #### Agentic AI - Interactive Application Security Testing (IAST) | Feature | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | Not enough data | Not enough data | --- ## Categories **Shared Categories (3):** [Software Composition Analysis Tools](https://www.g2.com/categories/software-composition-analysis), [Software Supply Chain Security Solutions](https://www.g2.com/categories/software-supply-chain-security-tools), [Software Bill of Materials (SBOM) Software](https://www.g2.com/categories/software-bill-of-materials-sbom) **Unique to SOOS (1):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) **Unique to Snyk (4):** [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Container Security Tools](https://www.g2.com/categories/container-security-tools), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner) **Unique to Mend.io (6):** [AI Security Solutions Software](https://www.g2.com/categories/ai-security-solutions), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Application Security Posture Management (ASPM) Software](https://www.g2.com/categories/application-security-posture-management-aspm), [Container Security Tools](https://www.g2.com/categories/container-security-tools) **Unique to Veracode Application Security Platform (8):** [Secure Code Review Software](https://www.g2.com/categories/secure-code-review), [AI AppSec Assistants](https://www.g2.com/categories/ai-appsec-assistants), [Static Application Security Testing (SAST) Software](https://www.g2.com/categories/static-application-security-testing-sast), [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools), [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner), [Static Code Analysis Tools](https://www.g2.com/categories/static-code-analysis), [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Interactive Application Security Testing (IAST) Software](https://www.g2.com/categories/interactive-application-security-testing-iast) --- ## Reviewer Demographics ### By Company Size | Segment | SOOS | Snyk | Mend.io | Veracode Application Security Platform | |---|---|---|---|---| | **Small-Business** | 46.2% | 35.4% | 39.0% | 16.7% | | **Mid-Market** | 53.8% | 45.4% | 34.3% | 33.3% | | **Enterprise** | 0% | 19.2% | 26.7% | 50.0% | ### By Industry #### SOOS - **Information Technology and Services:** 27.5% - **Computer Software:** 20.0% - **Real Estate:** 5.0% - **Pharmaceuticals:** 5.0% - **Logistics and Supply Chain:** 5.0% - **Hospital & Health Care:** 5.0% - **Health, Wellness and Fitness:** 5.0% - **Financial Services:** 5.0% - **Airlines/Aviation:** 5.0% - **Transportation/Trucking/Railroad:** 2.5% - **Other:** 15.0% #### Snyk - **Computer Software:** 22.3% - **Information Technology and Services:** 20.8% - **Computer & Network Security:** 9.2% - **Hospital & Health Care:** 5.4% - **Financial Services:** 5.4% - **Telecommunications:** 3.1% - **Banking:** 3.1% - **Education Management:** 2.3% - **Internet:** 2.3% - **Retail:** 1.5% - **Other:** 24.6% #### Mend.io - **Computer Software:** 33.3% - **Information Technology and Services:** 14.3% - **Financial Services:** 6.7% - **Telecommunications:** 4.8% - **Computer & Network Security:** 4.8% - **Automotive:** 2.9% - **Education Management:** 1.9% - **Computer Games:** 1.9% - **Commercial Real Estate:** 1.9% - **Banking:** 1.9% - **Other:** 25.7% #### Veracode Application Security Platform - **Information Technology and Services:** 29.2% - **Hospital & Health Care:** 12.5% - **Consumer Goods:** 8.3% - **Computer Software:** 8.3% - **Telecommunications:** 4.2% - **Retail:** 4.2% - **Research:** 4.2% - **Media Production:** 4.2% - **Logistics and Supply Chain:** 4.2% - **Insurance:** 4.2% - **Other:** 16.7% --- ## Alternatives ### Alternatives to SOOS - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (893 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (795 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (310 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (302 reviews) - [Intruder](https://www.g2.com/products/intruder/reviews) — 4.8/5 stars (206 reviews) - [Astra Pentest](https://www.g2.com/products/astra-pentest/reviews) — 4.6/5 stars (187 reviews) - [Cobalt](https://www.g2.com/products/cobalt-io-cobalt/reviews) — 4.5/5 stars (177 reviews) - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) ### Alternatives to Snyk - [Aikido Security](https://www.g2.com/products/aikido-security/reviews) — 4.6/5 stars (141 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (795 reviews) - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Semgrep](https://www.g2.com/products/semgrep/reviews) — 4.6/5 stars (55 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (893 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) — 4.4/5 stars (386 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (310 reviews) - [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) — 4.1/5 stars (112 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (40 reviews) ### Alternatives to Mend.io - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (893 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (795 reviews) - [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) — 4.4/5 stars (386 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (302 reviews) - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (310 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (40 reviews) - [Gearset DevOps](https://www.g2.com/products/gearset-devops/reviews) — 4.7/5 stars (292 reviews) ### Alternatives to Veracode Application Security Platform - [SonarQube](https://www.g2.com/products/sonarqube/reviews) — 4.4/5 stars (141 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) — 4.2/5 stars (40 reviews) - [GitHub](https://www.g2.com/products/github/reviews) — 4.7/5 stars (2363 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (893 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (302 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) - [Burp Suite](https://www.g2.com/products/burp-suite/reviews) — 4.8/5 stars (129 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (795 reviews) - [Coverity](https://www.g2.com/products/coverity/reviews) — 4.2/5 stars (55 reviews) --- ## Top Discussions ### SOOS No discussions available for this product. ### Snyk - Title: [What is Snyk scanning?](https://www.g2.com/discussions/what-is-snyk-scanning) — 2 comments, 2 upvotes > **Top comment:** "Codebase and open source libraries" - Title: [Is Snyk a SaaS?](https://www.g2.com/discussions/is-snyk-a-saas) — 2 comments > **Top comment:** "No" - Title: [How good is Snyk?](https://www.g2.com/discussions/how-good-is-snyk) — 2 comments > **Top comment:** "very. it's basically like dependabot, but more fleshed out" ### Mend.io - Title: [Does the above pricing include all vulnerabilities sources?](https://www.g2.com/discussions/do-you-offer-an-on-premise-option) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "Yes. WhiteSource offering includes the full extent of our database, which supports over 200 programming languages. We aggregate vulnerabilities from the NVD,..." - Title: [What languages and platforms does your solution support?](https://www.g2.com/discussions/is-my-code-secure-with-your-cloud-based-service) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "WhiteSource supports more than 20 programming languages like Java, C++, .NET, PHP, python and more." - Title: [Why are you pricing per contributing developers?](https://www.g2.com/discussions/i-can-t-find-a-plugin-for-my-build-tool-server-does-that-mean-you-cannot-support) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "WhiteSource automates and manages open source components throughout the Software Development Life Cycle (SDLC). Therefore, pricing based on the number of..." - Title: [Do you offer an on-premise option?](https://www.g2.com/discussions/does-whitesource-work-with-all-languages-and-build-tools) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "WhiteSource is a cloud-based service, but we also offer an on-premise option, if necessary. It’s important to emphasize that we do not scan your code. We..." - Title: [What is a contributing developer?](https://www.g2.com/discussions/3104-how-does-whitesource-work) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "“Contributing Developer” means any employee or contractor who at any point (1) accesses or uses the WhiteSource product; (2) develops the code to be scanned..." ### Veracode Application Security Platform No discussions available for this product. --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/soos-vs-snyk-vs-mend-io-vs-veracode-application-security-platform)