We performed a comparison between Snyk and Tenable Nessus based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"A main feature of Snyk is that when you go with SCA, you do get properly done security composition, also from the licensing and open-source parameters perspective. A lot of companies often use open-source libraries or frameworks in their code, which is a big security concern. Snyk deals with all the things and provides you with a proper report about whether any open-source code or framework that you are using is vulnerable. In that way, Snyk is very good as compared to other tools."
"The advantage of Snyk is that Snyk automatically creates a pull request for all the findings that match or are classified according to the policy that we create. So, once we review the PR within Snyk and we approve the PR, Snyk auto-fixes the issue, which is quite interesting and which isn't there in any other product out there. So, Snyk is a step ahead in this particular area."
"Its reports are nice and provide information about the issue as well as resolution. They also provide a proper fix. If there's an issue, they provide information in detail about how to remediate that issue."
"What is valuable about Snyk is its simplicity."
"Our customers find container scans most valuable. They are always talking about it."
"The most effective feature in securing project dependencies stems from its ability to highlight security vulnerabilities."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"The plug-in text information is quite useful."
"The features of Tenable Nessus that I have found most valuable are its reliability and its ability to collate a dependable output, where we are able to get the same vulnerability when we test manually. The output is quite reliable."
"The most valuable feature is the installation of Tenable which is incredibly easy."
"We have done code scanning for a long period because as a company, we do DevOps as part of our development life cycle."
"Nessus is good at finding out what nodes you have in place. It will then provide you a report, by node, of what the vulnerabilities are. It does it quickly and stealthfully."
"Nessus gives me a good preview of vulnerabilities and good suggestions for remediation. It's easy to find a description of a given vulnerability and solutions for it."
"I find the features that are most valuable are the policies that help us identify the vulnerabilities. These policies are then used for scanning instabilities and then identifying the particular vulnerabilities."
"It does exactly what you expect it to do, and its pricing is great. We couldn't really ask for a better deal."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"The solution could improve the reports. They have been working on improving the reports but more work could be done."
"We have to integrate with their database, which means we need to send our entire code to them to scan, and they send us the report. A company working in the financial domain usually won't like to share its code or any information outside its network with any third-party provider."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"We have seen cases where tools didn't find or recognize certain dependencies. These are known issues, to some extent, due to the complexity in the language or stack that you using. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"One area where Snyk could improve is in providing developers with the line where the error occurs."
"Generating reports and visibility through reports are definitely things they can do better."
"To be honest, I haven't used it much to tell you that these are the things that should be improved. But I believe the UI should be enhanced somewhat. For example, there are two ways to find a report, and people are frequently confused as to which is the correct method for locating a full report. Sometimes they go in the opposite direction, so this is an area that may be improved."
"The price and scalability of the solution could improve."
"Remediation needs improvement."
"Technically, it is an excellent and the best solution available in Libya. My only concern is related to its pricing. They are an emerging company in Libya, and they need to put in some effort to provide us with very good prices so that customers can go with the best solution. Chinese companies are getting into the market here, and they're providing very cheap solutions."
"Tenable Nessus could improve the reporting."
"Nessus' reporting could be more user-friendly."
"The professional version is not very scalable."
"Model OS costs (and its segregation schema for individual modules)."
Snyk is ranked 4th in Application Security Tools with 41 reviews while Tenable Nessus is ranked 3rd in Vulnerability Management with 75 reviews. Snyk is rated 8.2, while Tenable Nessus is rated 8.4. The top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". On the other hand, the top reviewer of Tenable Nessus writes "Unlimited assets for one price and quick, agentless results". Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode, whereas Tenable Nessus is most compared with Qualys VMDR, Rapid7 InsightVM, Tenable Vulnerability Management, Tenable Security Center and Wiz.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.