Snyk Reviews

Snyk identifies the library vulnerabilities and give CVSS score right next to it to understand the impact as well as the filters are amazing and easy to use.

Snyk doesn't have inbuilt support for marking false positives for test suite software directories like cypress.

It gives me all insights and leads to check for manual pentesting

quickly identifies and categorises the vulnerabilities. As you create the code, it highlights the problems, improving both the security and the quality of the code. The best aspect is that you can begin using it for nothing.

They can raise various resource quotas in the free plan. Additionally, more documentation detailing how Synk functions at the backend when integrated would be more beneficial.

It checks for weaknesses in our product. It aids in protecting our merchandise from hacker assaults. Developers don't need to conduct security research for the new library they integrate into their projects because Snyk will handle it. When the Snyk tool is integrated into a developer's IDE, they may concentrate on their top objectives.

Effective at mitigating cybersecurity risk

Could provide more robust SAST capabilities

Identifying and visualizing cybersecurity vulnerabilities

Quickly Identifies the vulnerabilities and classifies them. It identifies the issues as you write the code, which increases security and code quality. The best part is you can get started using it for free.

In the free plan, they can increase some resource quota. Also, it would be more helpful if they provided more information on documentation regarding how Synk works in the backend when integrated.

Firstly it finds vulnerabilities in code which by default increases the security, and secondly, it identifies issues while writing the code, which imporves code quality. Apart from this, I integrated it into the CI/CD pipeline, which allowed me to merge code only if there were no critical issues. These were some of the things that were very beneficial for me.

check security very quickly, really really fast

provider me too error massage, I need quick answer

container security

I love that its VS Code extension simply sits quietly in my project checking things until I do something silly. Then it lets me know that it found security issues that I need to review ASAP.

The one thing I really didn't care for (or exepect) is that it creates a report cache in your project root. It probably speeds things up, but I didn't know about it. I kept deleting the file and adding it to .gitignore until I learned what it was. I am still not sure whether it should be committed to source control or not.

It provides me a tool to do static code analysis on my entire web application code quickly and easily. It does it in a completely unobtrusive manner, staying out of my way until I need it.

Snyk helped us shift left and streamline some of our security processes. Within the first few months of implementing Snyk, we could determine the impact and scope of zero-day vulnerabilities within an hour versus a day. The time savings and automation are clear winners for us.

We are frustrated by some reporting capabilities that need to be enhanced. The updated reporting is a vast improvement, but we have specific use cases that we prefer not to engineer through the APIs.

As an organization that's re-energized its commitment to being security-minded, Snyk is helping us enrich our security posture and processes across the organization.

Snyk enables application security teams to focus on the right stuff while allowing engineers unfettered access to the information they need to resolve issues.

Some features / products are not fully integrated.

Snyk is being utilized to secure our software development lifecycle through all phases of development

It is easy to use on existing projects and offers a generous free tier.

Honestly, I haven't found any issues with this tool, it fits my needs perfectly and if I ever encounter an issue, I make sure to bring it up to the Synk team.

It solves vulnerabilities in my code and software, allowing me to ship more secure software.