What is Snyk?
Helps you use open source and stay secure, and continuously find and fix vulnerabilities in your dependencies.
Who uses Snyk?
Snyk serves developers, DevOps and security teams.
Reviews of Snyk
Best tool for addressing the concerns of using open source libraries.
Comments: When I started using Snyk I found the reports useful but still too easy to ignore. So I added Snyk to build pipelines to fail builds that included high risk vulnerabilities. Snyk is now even better and warns me before I even merge my pull requests. In a world where the time from vulnerability being announced to exploit being used is decreasing rapidly, it is crazy not to use a service like this. Snyk is by far the best tool I have found in this area.
Pros:
Objective reports on vulnerabilities in code we produce. GitHub integration.
Cons:
Having open source builds count towards your paid count if you are not careful.
A necessary and reliable companion in the fight for security
Comments: Snyk is allowing us to make good use of the wealth of great open source software out there, without compromising on security.
Pros:
As a long time fan of open source software, keeping track of security issues amidst an ever growing software stack was increasingly an impossible task. I was so grateful to find a service like Snyk that does the hard work for me - keeping an eye on any security issues so I can focus on building great software!
Cons:
The pricing structure gets extremely expensive for medium to large companies, but thankfully for smaller organisations there is a free tier which covers our needs.
Good SCA
Pros:
Nice component analysis tool, great interface and dashboards. Very fast and easy deployment and use.
Cons:
SAST component is very weak and doesn't support incremental scanning.
One of the best vulnerability scanning tools around
Pros:
Have been using Snyk for around 1 year now and it's one of the tools which we can't avoid, though it annoys us now and then by finding new vulnerabilities in our packages and forcing us to mitigate the risk. They provide details of the vulnerability and in most cases the version to fix it. It integrates very well with the build pipelines and other CI/CD tools, along with a nice IntelliJ plugin.
Cons:
Sometimes the UI is confusing and access management is a bit vague.
Security Sorted
Comments: So far our company has adopted Snyk across our SDLC and incorporated it into our repos and pipelines and have enjoyed our experience with using Snyk so far.
Pros:
Snyk simplifies security. It can scan for vulnerabilities during development or when you run a pipeline in Azure DevOps. This raises issues before they make it to production so you have the comfort of knowing that new and existing packages have no known security vulnerabilities. I also really like the ability to one-click fix issues within Snyk, where it can automatically fix the issue and create a PR within Azure DevOps - this simplifies the process and saves time.
Cons:
Not all issues have a 1 click fix which is understandable.