We performed a comparison between Snyk and Trend Micro Cloud One based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Snyk is highly regarded for its developer-friendly approach, seamless integration, and ability to automatically generate pull requests. It particularly shines in software composition analysis and supports container usage. Trend Micro Cloud One is praised for its extensive range of features, strong vulnerability protection, and real-time server security. Snyk users say the solution could improve in terms of compatibility and reporting while expanding its vulnerability database. Trend Micro Cloud One should focus on providing equal support for AWS and Azure and enhance its automation capabilities.
Service and Support: Reviewers say Snyk should overhaul how it organizes and prioritizes requests. Trend Micro Cloud One was commended for its exceptional and easily accessible technical support. Users value the expertise and knowledge of the Trend Micro team.
Ease of Deployment: Most Snyk users found the setup process uncomplicated, but some needed professional guidance. Difficulties arose when collaborating with multiple developers and integrating Snyk with specific tools. Some found Trend Micro Cloud One easy to set up, while others found it complicated. It could pose challenges for individuals without a background in IT or information security. The deployment time varied depending on the complexity of the system.
Pricing: Snyk has a higher setup cost than other solutions, while Trend Micro Cloud One falls in the middle. Snyk offers a free open-source version, whereas additional services for Trend Micro Cloud One come at an added cost. The view of Trend Micro Cloud One's pricing is generally positive.
ROI: Snyk provides a budget-friendly option for detecting vulnerabilities in open-source software, which may offset yearly subscription costs. Trend Micro Cloud One offers a versatile return on investment and smooth integration without any reported issues.
Comparison Results: Snyk emerges as the favored choice compared to Trend Micro Cloud One. Users like Snyk's developer-oriented approach and valuable functionalities like automatic pull requests and software composition analysis. They also highlight its compatibility with containers and accurate identification of security vulnerabilities. Trend Micro Cloud One users want more automation and a more comprehensive feature set.
"We've seen a reduction in resources devoted to vulnerability monitoring. Before PingSafe we spent a lot of time monitoring and fixing these issues. PingSafe enabled us to divert more resources to the production environment."
"PingSafe can integrate all your cloud accounts and resources you create in the AWS account, We have set it up to scan the AWS transfer services, EC2, security groups, and GitHub."
"The cloud misconfiguration is the most valuable feature."
"The visibility is the best part of the solution."
"The most valuable feature of PingSafe is its integration with most of our technology stack, specifically all of our cloud platforms and ticketing software."
"It used to guide me about an alert. There is something called an alert guide. I used to click on the alert guide, and I could read everything. I could read about the alert and how to resolve it. I used to love that feature."
"Atlas security graph is pretty cool. It maps out relationships between components on AWS, like load balancers and servers. This helps visualize potential attack paths and even suggests attack paths a malicious actor might take."
"Support has been very helpful and provides regular feedback and help whenever needed. They've been very useful."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"We have integrated it into our software development environment. We have it in a couple different spots. Developers can use it at the point when they are developing. They can test it on their local machine. If the setup that they have is producing alerts or if they need to upgrade or patch, then at the testing phase when a product is being built for automated testing integrates with Snyk at that point and also produces some checks."
"From the software composition analysis perspective, it first makes sure that we understand what is happening from a third-party perspective for the particular product that we use. This is very difficult when you are building software and incorporating dependencies from other libraries, because those dependencies have dependencies and that chain of dependencies can go pretty deep. There could be a vulnerability in something that is seven layers deep, and it would be very difficult to understand that is even affecting us. Therefore, Snyk provides fantastic visibility to know, "Yes, we have a problem. Here is where it ultimately comes from." It may not be with what we're incorporating, but something much deeper than that."
"The most valuable feature of Snyk is the software composition analysis."
"Snyk is a developer-friendly product."
"It has an accurate database of vulnerabilities with a low amount of false positives."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"Trend Vision One - Cloud Security does not utilize a lot of resources which allows our users to keep working even during a scan."
"The tech support is excellent. They really know their products. They also know a lot of about the integrations between different solutions."
"The stability is quite good."
"The the most valuable feature is the scanning engine. It does not impact server performance. It's very lightweight."
"Virtual patching is one of the key features, which is executed with their IPS."
"The most valuable features are intrusion prevention and anti-malware capabilities."
"The most valuable part of Trend Vision One - Cloud Security is its dashboard, as it's simple. It's easy to manage, and you can better control the solution."
"I like the conformity and workload security modules. Workload security is all about intrusion detection and prevention. Trend Vision One - Cloud Security has behavioral rules that are auto-populated based on organizational structure. That's one aspect that we liked most."
"Maybe container runtime security could be improved."
"There's room for improvement in the graphic explorer."
"Cloud Native Security's reporting could be better. We are unable to see which images are impacted. Several thousand images have been deployed, so if we can see some application-specific information in the dashboard, we can directly send that report to the team that owns the application. We'd also like the option to download the report from the portal instead of waiting for the report to be sent to our email."
"After closing an alert in Cloud Native Security, it still shows as unresolved."
"I would like additional integrations."
"The Automation tab is an add-on that doesn’t work properly. They provide a list of scripts that don’t work and I have asked support to assist but they won’t help. When running on various endpoints the script doesn’t work and if it does, it’s only a couple. There are a lot of useful scripts that would be beneficial to run forensics, event logs, and process lists running on the endpoint."
"I export CSV. I cannot export graphs. Restricting it to the CSV format has its own disadvantages. These are all machine IP addresses and information. I cannot change it to the JSON format. The export functionality can be improved."
"It does not bring much threat intel from the outside world. All it does is scan. If it can also correlate things, it will be better."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"Could include other types of security scanning and statistical analysis"
"The way Snyk notifies if we have an issue, there are a few options: High vulnerability or medium vulnerability. The problem with that is high vulnerabilities are too broad, because there are too many. If you enable notifications, you get a lot of notifications, When you get many notifications, they become irrelevant because they're not specific. I would prefer to have control over the notifications and somehow decide if I want to get only exploitable vulnerabilities or get a specific score for a vulnerability. Right now, we receive too many high vulnerabilities. If we enable notifications, then we just get a lot of spam message. Therefore, we would like some type of filtering system to be built-in for the system to be more precise."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"Trend Vision One - Cloud Security could improve connections with different types of authentication and user groups concerning cloud services."
"They should provide a way for users to see violations for specific compliance."
"Documentation on cloud architecture and job architecture would be helpful."
"The initial setup can be complex for the inexperienced."
"The dashboard should be a bit more intuitive."
"Trend Vision One - Cloud Security seems to have a preference for AWS Cloud over Azure and would be improved by focusing equally on both."
"The product could use a little bit of automation."
"One area for improvement in Trend Vision One - Cloud Security is marketing; in particular, Trend Vision should update the marketing documentation. The information needs to be more comprehensive."
More SentinelOne Singularity Cloud Security Pricing and Cost Advice →
More Trend Vision One - Cloud Security Pricing and Cost Advice →
Snyk is ranked 4th in Application Security Tools with 41 reviews while Trend Vision One - Cloud Security is ranked 13th in Application Security Tools with 17 reviews. Snyk is rated 8.2, while Trend Vision One - Cloud Security is rated 8.6. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Trend Vision One - Cloud Security writes "We can quickly deploy cloud conformity, provides good visibility, and control". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Trend Vision One - Cloud Security is most compared with Microsoft Defender for Cloud, AWS GuardDuty, Check Point Harmony Email & Collaboration and Prisma Cloud by Palo Alto Networks. See our Snyk vs. Trend Vision One - Cloud Security report.
See our list of best Application Security Tools vendors and best Container Security vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.