We performed a comparison between Snyk and Tenable Nessus based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"It has improved our vulnerability rating and reduced our vulnerabilities through the tool during the time that we've had it. It's definitely made us more aware, as we have removed scoping for existing vulnerabilities and platforms since we rolled it out up until now."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"What is valuable about Snyk is its simplicity."
"It's very easy for developers to use. Onboarding was an easy process for all of the developers within the company. After a quick, half-an-hour to an hour session, they were fully using it on their own. It's very straightforward. Usability is definitely a 10 out of 10."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The vulnerability scanner is the most valuable feature."
"Tenable Nessus is one of the best vulnerability assessment tools, that I know."
"I like this solution because it is complete. It can scan and check many types of vulnerabilities. It can also check for compliance."
"Nessus is effortless to integrate."
"The most valuable feature of Tenable Nessus is the GUI and user-friendliness. Additionally, the environment is easy to work with."
"Easy to set up vulnerability scanner with good stability and a responsive technical support team."
"The most valuable feature of Tenable Nessus is the support it provides for any new vulnerabilities quickly."
"The most valuable feature of Tenable Nessus is the dashboard. They are convenient to use."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"Because Snyk has so many integrations and so many things it can do, it's hard to really understand all of them and to get that information to each team that needs it... If there were more self-service, perhaps tutorials or overviews for new teams or developers, so that they could click through and see things themselves, that would help."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"The solution's reporting and storage could be improved."
"We've also had technical issues with blocking newly introduced vulnerabilities in PRs and that was creating a lot of extra work for developers in trying to close and reopen the PR to get rid of some areas. We ended up having to disable that feature altogether because it wasn't really working for us and it was actually slowing down developer velocity."
"Generating reports and visibility through reports are definitely things they can do better."
"The solution's integration with JFrog Artifactory could be improved."
"The feature for automatic fixing of security breaches could be improved."
"Vulnerability recommendations are outdated and not in line with industry standards."
"EQA's and dashboards should be addressed in the next release."
"Technically, it is an excellent and the best solution available in Libya. My only concern is related to its pricing. They are an emerging company in Libya, and they need to put in some effort to provide us with very good prices so that customers can go with the best solution. Chinese companies are getting into the market here, and they're providing very cheap solutions."
"Tenable Nessus is not feasible for a large company."
"One area that has room for improvement is the reporting. I'm preparing reports for Windows and Linux machines, etc. Currently, I'm collecting three or four reports and turning them into one report. I don't know if it is possible to combine all of them in one report, but that would be helpful."
"They need more flexible pricing."
"One area with room for improvement is instead of there just being a PDF format for output, I'd like the option of an Excel spreadsheet, whereby I could better track remediation efforts and provide reporting off of that."
"They should try to create an all-in-one solution."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Snyk is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Security Center, Tenable Vulnerability Management and Wiz.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.