We performed a comparison between Cisco Vulnerability Management (formerly Kenna.VM) and Snyk based on real PeerSpot user reviews.
"The risk context of any vulnerability is a valuable feature."
More Cisco Vulnerability Management (formerly Kenna.VM) Pros →
"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."
"Snyk helps me pinpoint security errors in my code."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"I think all the standard features are quite useful when it comes to software component scanning, but I also like the new features they're coming out with, such as container scanning, secrets scanning, and static analysis with SAST."
"Provides clear information and is easy to follow with good feedback regarding code practices."
"Our customers find container scans most valuable. They are always talking about it."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"Static code analysis is one of the best features of the solution."
"An improvement would be some sort of an integration with any GRC suite."
More Cisco Vulnerability Management (formerly Kenna.VM) Cons →
"There were a couple of issues which happened because Snyk lacked some documentation on the integration side. Snyk is lacking a lot of documentation, and I would like to see them improve this. This is where we struggle a bit. For example, if something breaks, we can't figure out how to fix that issue. It may be a very simple thing, but because we don't have the proper documentation around an issue, it takes us a bit longer."
"We use Bamboo for CI/CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"I think Snyk should add more of a vulnerability protection feature in the tool since it is an area where it lacks."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"The tool should provide more flexibility and guidance to help us fix the top vulnerabilities before we go into production."
"They need to improve the Snyk plugins and make it easier to make your optimizations based on your own needs or features."
Cisco Vulnerability Management (formerly Kenna.VM) is ranked 11th in Risk-Based Vulnerability Management with 1 review while Snyk is ranked 4th in Application Security Tools with 41 reviews. Cisco Vulnerability Management (formerly Kenna.VM) is rated 8.0, while Snyk is rated 8.2. The top reviewer of Cisco Vulnerability Management (formerly Kenna.VM) writes "Offers contextual prioritization and risk-based remediation of vulnerability". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Cisco Vulnerability Management (formerly Kenna.VM) is most compared with Rapid7 InsightVM, Qualys VMDR, Tenable Security Center, Ivanti Neurons for RBVM and Tanium, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode.
We monitor all Risk-Based Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.