Snyk Open Source Reviews & Product Details

Snyk Open Source Overview

What is Snyk Open Source?

Snyk is a developer-first security solution that helps organizations use open source and stay secure. Snyk is the only solution that seamlessly and proactively finds and fixes vulnerabilities and license violations in open source dependencies and Docker images. The Snyk solution integrates its comprehensive proprietary vulnerability database maintained by its expert security research team in Israel and London.

Snyk Open Source Details
Product Description

Snyk is a security solution designed to find and fix vulnerabilities in Node.js and Ruby apps.


Seller Details
Seller
Snyk
Year Founded
2015
HQ Location
London, England
Twitter
@snyksec
9,767 Twitter followers
LinkedIn® Page
www.linkedin.com
466 employees on LinkedIn®

Snyk Open Source Reviews

Showing 14 Snyk Open Source reviews
Security Engineer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Easy to set-up and to use, without compromising on custom use-cases with the API and CLI features.

Very exceptional coverage in terms of security database, and works with the vast majority of the different programming languages we implement.

Great Features already in place and more are coming with Snyk Code (SAST) that was recently announced. Review collected by and hosted on G2.com.

What do you dislike?

The way the different projects are grouped and presented in the UI could be improved (especially if you have a lot of them, and are using multiple features, it can get confusing quickly)

Documentation: It can be troublesome to find how to use a specific feature, as the documentation is often hard to navigate.

Recommendations to others considering the product:

Take the time to properly understand and use the functionality provided by Snyk. Trying to implement it too fast simply for compliance can make you miss out on a lot of very useful features.

What problems are you solving with the product? What benefits have you realized?

Give visibility on licence usage, and helps compliance on those

Gave visibility on all the issues that could arise from Open Source Vulnerabilities, and gave us a great way to prioritize and tackle the issues.

The Snyk Score displayed by the application is particularly interesting to let users prioritize what issue should be tackled first, as it takes into account Exploit maturity and impact of the vulnerability.

Senior Application Security Engineer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

The CLI is great, and the different integrations provided out of the box make it even better! We migrated from a tool that had very poor UX when trying to integrate with CI pipelines, not to mention the lack of integrations.

What do you dislike?

That sometimes the CLI results and the GitHub integration results are different. We've had that problem in the past several times and we were told to prefer the CLI results instead of the GitHub ones.

Recommendations to others considering the product:

If you're looking to automate the OSS scanning and integrate it into the pipelines (as part of a DevSecOps initiative), Snyk is by far the best tool I've seen.

What problems are you solving with the product? What benefits have you realized?

Removing the 3rd party vulnerabilities from our products, thus making a more secure supply chain. This helped us remove vulnerabilities from components that we ship on-prem to clients and no longer have releases rejected by our clients.

Also, the GoLang scanning is not as comprehensive as the one for Java/C#.

UC
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

It is really easy to use. It gives good insights. It does a thorough scan. Many integrations. Responsive support team eager and available to help.

What do you dislike?

It has many integrations but it can be hard to know which one to use. For example you can have it scan your repositories and you can have it scan as part of your build pipeline. I'm not sure why we decided to use the one that we did.

Recommendations to others considering the product:

It is certainly worth giving it a try. The team was very generous with the trial.

What problems are you solving with the product? What benefits have you realized?

It reports on the vulnerabilities in the open source projects I use and reminds me to upgrade them in a timely fashion. I know if I don't upgrade regularly I will see a large number of vulnerabilities.

AB
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

I believe that we had very good communication with Snyk representatives. We received support whenever it was needed, discussions were always professional and the actions were followed up on Snyk's part.

Another thing that helped us a lot was the scalability of the product. Very fast scans and easy to onboard new projects helped us speed the development process and let our developers focus on business aspects rather than integration concerns. With trusted partners like Snyk, we were able to automate and enforce a lot of SDLC practices and decrease the release frequency from once in 6 months to multiple per week.

What do you dislike?

I cannot say I found something that I disliked. All feedback was received and addressed.

What problems are you solving with the product? What benefits have you realized?

We are developing banking software and security for us is not optional. We are using Snyk for automatic OSA checks as part of our secure development life cycle. Every new merge is checked and this helps us to have a continuous delivery approach on a monolith of 1.5 million lines of code where more than 50 developers are working on it.

Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Able to view an organisation wide report on all the vulnerabilities of each package in the repos.

What do you dislike?

I'm not sure if this is a feature, but maybe more automation like GitHub dependency issues where a PR can be submitted with the click of a button from Snyk.

What problems are you solving with the product? What benefits have you realized?

We are a security company and our customers' security is the highest priority; having Snyk be proactive for us to jump on vulnerabilities in packages is critical.

Chief Information Security Officer (CISO)
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Snyk was onboarded to help with security vulnerability and license spread visibility across the open source frameworks that are used across the company. It has truly been a groundbreaking service that we started utilizing from the get-go, both in terms of identifying risk as well as enabling pathways to remediation. I strongly feel the tool was targeted towards developers to help with cross-functional collaboration and visibility into both the dependencies and the defects they contain.

What do you dislike?

Business Metrics and reports could be better.

What problems are you solving with the product? What benefits have you realized?

Coverage across OSS projects and frameworks, while embedding security into CI/CD pipelines.

Investments Champion & Technical Product Manager
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Quality of results which are available in a short period of time and on top of it, the integration options.

What do you dislike?

I would like to have an automatic integration with Jira when a vulnerability is discovered, not a manual process. And ability to create Jira tickets per project not in a general project.

Recommendations to others considering the product:

A top vendor to rely on!

What problems are you solving with the product? What benefits have you realized?

OSA and licensing. Safer usage of libs and shorter due diligence cycles.

AG
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

Easy to use & maintain

Effective

Free for open repos

What do you dislike?

Pricing model

Customer support (some are really good)

Recommendations to others considering the product:

Snyk is:

Simple to use

Cost effective

Easy to integrate

Easy to monitor

What problems are you solving with the product? What benefits have you realized?

Early security defect discovery

Easy to monitor

Easy to plan mitigation effort

UI
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2 on behalf of the seller
What do you like best?

It’s completely automated and eliminates lots of manual intervention for fixing the vulnerability with different versions of repository.

What do you dislike?

Sometimes the vulnerability alerts might not be genuine.

Recommendations to others considering the product:

It's a great automated software for detecting vulnerabilities.

What problems are you solving with the product? What benefits have you realized?

Identify secure vulnerability versions.

UF
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2 on behalf of the seller
What do you like best?

It was very easy for us to integrate Snyk into our build pipeline.

What do you dislike?

Sometimes you get false positives and when you check the developer's website it says that it's not an actual vulnerability.

What problems are you solving with the product? What benefits have you realized?

Finding vulnerabilities in our dependencies.

React Native Developer
Information Technology and Services
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

The best feature of Snyk is that their bot can provide you with a PR on Github with all the security fixes. You just review and click merge. Security can sometimes be easy! I also like to be reminded through mail if I have any issues or if everything is fine. It's easy to maintain through the site.

What do you dislike?

The UI would need a little bit of love, especially on mobile web, but other than that the service works as I expect it.

Recommendations to others considering the product:

As long as your code is publicly available you should definitely use Snyk to have a friend checking up on you. It's like taking your code to the doctor.

What problems are you solving with the product? What benefits have you realized?

Maintaining JavaScript projects on GitHub and making sure the security is up to date.

EM
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

Ease of automation - can do through command line or integration with version control system.

What do you dislike?

Nothing really, other than knowing how many vulnerabilities are out there!

What problems are you solving with the product? What benefits have you realized?

Allows us to leverage open-source while minimizing security concerns - especially important when dealing with enterprise clients and data.

Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Multiple language support, rejection of pull requests with recommendations to fix.

What do you dislike?

Not much. Now that PHP is supported, it covers all languages we use.

What problems are you solving with the product? What benefits have you realized?

Simplified management and reduction of vulnerabilities introduced in custom and third party code.

UI
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

GitLab and GitHub integration, rejects pull/merge requests if vulnerable code introduced, recommends remediation steps.

What do you dislike?

Wish it supported PHP like it does JavaScript. With that, entire codebase would be supported.

Recommendations to others considering the product:

If you use GitHub or GitLab repos, look into it.

What problems are you solving with the product? What benefits have you realized?

See "what do you like best." Prevents insecure code from being merged.
