Sign in
Sign in
or
Create a new account
Categories
Your Saved List Become a Channel Partner Sell in AWS Marketplace Amazon Web Services Home Help

Snyk Runtime Sensor

Snyk

Reviews from AWS customer

4 AWS reviews

External reviews

135 reviews
from and

External reviews are not included in the AWS star rating for the product.

    Abhishek-Goyal

Improves security posture by actively reducing critical vulnerabilities and guiding remediation

  • November 15, 2025
  • Review provided by PeerSpot

What is our primary use case?

I typically use Snyk for checking the security and vulnerabilities in my repositories.

Recently, I have used Snyk in one of my repositories for security and vulnerability checks, providing comprehensive knowledge about the repository, including what it does and where the security vulnerabilities are located.

I am using Snyk for the first time and did not use any vulnerability scanning solution before this. I was previously doing Red Hat vulnerability scanning locally for dependency checks, which was not what I wanted.

What is most valuable?

Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components.

Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice.

Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts.

Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients.

Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.

What needs improvement?

Although Snyk is strong, sometimes it flags vulnerabilities that are not reachable, not exploitable, and not relevant to a project. Better reachability analysis and context-aware scanning could improve this.

Snyk could benefit from a more optimized scanning engine and incremental scan caching.

For how long have I used the solution?

I have been using Snyk for the previous one year.

What do I think about the stability of the solution?

I have no issues with Snyk's reliability; it is stable.

What do I think about the scalability of the solution?

Snyk is very scalable and can handle my organization's growth and changing needs, allowing us to scale up to many stages and reduce developer costs, especially when we have fewer developers.

How are customer service and support?

I never reached out to customer support because I never encountered any issues.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

I considered SonarQube in detail before choosing Snyk.

How was the initial setup?

My experience with pricing, setup cost, and licensing is good, as the overall setup experience is smooth with easy onboarding for connection with GitHub and GitLab. I primarily use it with GitHub, requiring just a few clicks to set up Snyk.

What was our ROI?

I can see that Snyk saves the costs of hiring security developers for vulnerability scanning and security checks, as that responsibility is now managed by Snyk.

What's my experience with pricing, setup cost, and licensing?

Pricing is good for small teams, with a free tier or low-usage pricing available, and the licensing experience is straightforward but not very flexible.

What other advice do I have?

My advice for others looking into using Snyk is that if you are starting a repository that is free from vulnerabilities and security checks, Snyk is a good option. It automatically provides advice on how to improve for reducing vulnerabilities and security issues, allowing for easy removal of vulnerabilities. You can use it for a free trial, and if it impacts your organization positively, you can consider further usage.

Snyk is a very good product for vulnerability code scanning and can be used effectively. I would rate this product a nine point five out of ten.

    ANDRESANTOS

Has improved development workflows through early vulnerability detection and accurate insights

  • September 23, 2025
  • Review from a verified AWS customer

What is our primary use case?

The most recent client had experience with other products that did not have some features Snyk provides, such as Fortify in the old version before OpenText acquisition. They gave feedback about the precision in discovering vulnerabilities. They found that Snyk can provide more insights about vulnerabilities than older applications in SAST and SCA.

We have integration with GitHub Actions to analyze the code and we use a double check in the pipeline. Our strategy is about shift left. The developers connect with Snyk, Git, and use this with the pipeline.

How has it helped my organization?

They evolved their maturity because they could find the vulnerabilities before the pipeline runs. They can find and correct these vulnerabilities in a step before the pushes and PRs to GitHub. They think it is a very positive feature.

What is most valuable?

I appreciate the UI. It is simple, fast, and I value the precision in the tests. The responses are positive.

Regarding the vulnerability database and AI, we have good experience with that. I cannot compare with other providers or vendors such as Veracode, Checkmarx, and others. All the tests are positive in my analysis.

What needs improvement?

Technically, we have better vulnerabilities detection in Checkmarx and Veracode. Both of them are more precise about vulnerabilities detection. Snyk is slightly less effective, but this is something they can improve on in the future.

For how long have I used the solution?

We have been using the solution for one and a half years. Not much time.

What do I think about the stability of the solution?

We did not need support during the proof of concept.

How are customer service and support?

The documentation is good. It is one of the reasons we did not need support. We could understand the implementation of the product and other features without the need for human interaction.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I made a proof of concept for a client with Checkmarx for about one month. I provided them a review about my experience. Now they are analyzing my results and considerations about other products too. I do not know if they already have a response about which product they will buy.

What's my experience with pricing, setup cost, and licensing?

Snyk is less expensive.

Which other solutions did I evaluate?

It is simpler than other vendors. We have some difficulties with other license models. They are more complex and involve an acquisition of more products such as Synopsys and Checkmarx used a complex license model. Snyk has a license model simpler than most of the other vendors.

What other advice do I have?

It was one of my three recommendations for my client. I am satisfied with the product. I rate Snyk 8.5 out of 10.

    Program Development

Snyk Review

  • August 09, 2025
  • Review provided by G2

What do you like best about the product?
Its Scanning capabilities are very Good. For instance, it really does well in SAST scans and even SCA scans. It is also helpful in mitigating vulnerabilities by providing the best solutions
What do you dislike about the product?
It’s cost. It is very expensive. Other than that, The UI can be a bit better
What problems is the product solving and how is that benefiting you?
Snyk tackles the challenge of spotting and fixing security vulnerabilities across your software stack—everything from open‑source libraries and container images to infrastructure‑as‑code and your own codebase. It fits right into your workflow (think GitHub, IDEs, CI/CD), so you catch real issues early and get actionable fixes automatically. This means fewer surprises, faster development, and stronger confidence that security isn’t slowing you down—it’s built in.

    reviewer2731785

Seamless integration and affordable pricing ensure efficient deployment while AI enhancements can further elevate feature set

  • June 30, 2025
  • Review from a verified AWS customer

What is most valuable?

The best feature of Snyk is the integration with our ticketing system, which is Jira. That integration was one we were specifically looking for. The deep integration with our IDE and repository is another valuable feature. In terms of deploying these features, it's seamless.

What needs improvement?

Snyk should improve the scanning capabilities for other languages. For example, Veracode is strong with different languages such as Java, C#, and others. However, Snyk performs better at mobile source code scanning compared to Veracode. If both capabilities were combined, that would be exceptional.

As we are moving toward GenAI, we expect Snyk to leverage AI features to improve code scanning findings. One key feature we are currently examining with Veracode is AIVSS (Artificial Intelligence VSS), which is an extension of CVSS to cover use cases or top 10 LLM findings during code scanning. Since this is relatively new, we expect upcoming features to cover AI scoring. We have AI projects currently deploying in our organization, and we want to cover not only normal CVSS but also receive an AI assessment score. Both Veracode and Snyk should implement this new scoring system for CVSS and AIVSS.

For how long have I used the solution?

We are a customer of Snyk, not a partner.

How are customer service and support?

We have contacted Snyk's technical support regarding several issues, and they have resolved them successfully.

Snyk's technical support deserves a rating of seven or eight out of ten. Their response time aligns with their SLA commitments.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

My previous company continues to use Snyk.

How was the initial setup?

The initial setup of Snyk was straightforward.

What's my experience with pricing, setup cost, and licensing?

We discussed pricing with their account manager and secured a favorable deal. Initially, we planned to subscribe through AWS Marketplace at standard rates. After negotiations, we received a special package with a good price point. We signed a two-year contract, and they provided special links for subscription. The payment structure operates on a monthly prepaid basis.

What other advice do I have?

While Snyk may not be the absolute best option in the market, it offers the most seamless experience currently available. Based on their price point and features, it's both affordable and fair considering the license package offered.

During our implementation, we conducted a pilot test with Snyk for approximately two weeks during our UAT session. We spent an additional two to three weeks obtaining management approvals for production repository access. The testing was performed on development repositories before moving to production. While the actual implementation took about a week, the complete process duration was extended due to internal organizational approval processes.

I rate Snyk 8 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)

    PawanSingh2

Identifies vulnerabilities early and integrates smoothly with DevOps pipeline

  • March 17, 2025
  • Review provided by PeerSpot

What is our primary use case?

I use Snyk in the DevOps pipeline to identify vulnerabilities before deploying the application. It integrates with Jenkins.

What is most valuable?

Snyk provides a lot of information on vulnerabilities, the packages being used, and their dependencies. It gives good insight into the security of those packages. Snyk helps detect vulnerabilities before code moves to production, allowing for integration with DevOps and providing a shift-left advantage by identifying and fixing bugs before deployment.

What needs improvement?

There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vulnerability detection or to address the issues I mentioned.

For how long have I used the solution?

I've been working with Snyk for almost two years now.

What do I think about the stability of the solution?

Stability-wise, it is okay. I've not seen any issues with stability.

What do I think about the scalability of the solution?

Scalability meets my needs. I would rate it nine out of ten.

Which solution did I use previously and why did I switch?

I used another tool before Snyk but I'm not recalling its name. AppScan was used in the very early days.

How was the initial setup?

Setup is not a big problem. It's easy. If I had to rate it from one to ten, I'd say nine.

What other advice do I have?

They should do their research and see if it definitely adds value to their DevOps pipeline. Overall, I rate the solution eight out of ten.

    Lokesh T.

Developer Centric Platform || Snyk

  • January 24, 2025
  • Review provided by G2

What do you like best about the product?
Recently they came with feature called, Deep code AI, using this we can fix the issue for 1st party cod in IDE level
What do you dislike about the product?
It doesnt have On-prem, And also we cannot push the SAST results to the Dashboard from CLI
What problems is the product solving and how is that benefiting you?
Snyk is covering from code to cloud and back to code. Which means it is having a wide range of integration in each and every stage of SDLC

    meetharoon

Affordable tool boosts code scanning efficiency but faces integration hurdles

  • November 27, 2024
  • Review from a verified AWS customer

What is our primary use case?

I lead a code security practice for our organization. We integrated Snyk into our GitHub, using CLI to automatically scan codebases and identify issues. We are a large organization with three independent entities, consolidating Snyk across all entities.

We also provide access through numerous CI/CD tools. Our default implementation mechanism is CLI, but we also use the Web UI for a comprehensive view and recommendations.

How has it helped my organization?

For large organizations like ours, cost is a major factor. Snyk is the most cost-effective solution compared to others like Checkmarx.

We consolidated Snyk across three entities that used different tools. As a result, our organization became one of the largest in implementing Snyk.

What is most valuable?

The most important feature of Snyk is its cost-effectiveness compared to other solutions such as Checkmarx. It is easy to consolidate Snyk across multiple entities within a large organization.

Additionally, our integration of Snyk into GitHub allows us to automatically scan codebases and identify issues, which has improved efficiency.

What needs improvement?

Snyk has several limitations, including issues with Gradle, NPM, and Xcode, and trouble with AutoPR. It lacks the ability to select branches on its Web UI, forcing users to rely on CLI or CI/CD for that functionality. These limitations were documented in a book that I wrote.

For how long have I used the solution?

We implemented Snyk starting last year, and it has been in use for around two and a half years.

What do I think about the scalability of the solution?

Snyk allows for scaling across large organizations, accommodating tens of thousands of applications and over 60,000 repositories, making it suitable for wide-scale deployment.

How are customer service and support?

Our organization maintains a good relationship with Snyk's customer support team. Despite potential variations in service quality for smaller organizations, our long-standing association has ensured smooth communication, resulting in favorable support experiences and satisfactory issue resolution.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we used Synopsys Coverity and later migrated to Checkmarx and Mend before Snyk. Synopsys Coverity was costly, prompting a switch. Snyk's affordability and consolidating capabilities across the entities led to its adoption.

How was the initial setup?

The initial setup of Snyk is simple and straightforward compared to Synopsys Coverity, which is complex. Checkmarx falls in between, not too complicated or easy, but a reliable option. Snyk's ease of implementation makes it user-friendly.

What about the implementation team?

We have different teams managing aspects like licensing and engagement with the support team. They facilitate setup and maintenance, optimally integrating Snyk into our GitHub and CI/CD processes.

What's my experience with pricing, setup cost, and licensing?

Snyk is recognized as the cheapest option we have evaluated. In comparison to eight or nine other solutions, it ranks among the most affordable, providing cost-effective scalability across organizational units.

Which other solutions did I evaluate?

In my comparative evaluations, I considered tools like AppScan, Veracode, Checkmarx, Synopsys Coverity, and six to eight other alternatives.

What other advice do I have?

Snyk is optimal for organizations starting or looking for an affordable, effective tool. Despite false positives, it combines SAST, SCA, containers, and IaS in one Web UI. On a scale of one to ten, I rate Snyk at six.

    Diego Moreo

Enhancing security awareness, and finds major issues while managing risks effectively

  • October 07, 2024
  • Review provided by PeerSpot

What is our primary use case?

The main tool today is used to check for security issues in our products. We use it to analyze all the projects, and our security efforts are based partly on this tool.

How has it helped my organization?

There are major impacts related to increasing security awareness and managing risks. Snyk has been an essential tool in that aspect.

What is most valuable?

The valuable aspect is its security capabilities. The tool finds any major issue, and the code is blocked from being promoted to production until the issue is corrected.

What needs improvement?

I'm not responsible for the tool. As far as I know, there are no major concerns or features that we lack. We had some issues integrating into our pipeline, however, they were resolved.

For how long have I used the solution?

We have used Snyk for approximately one year.

What do I think about the stability of the solution?

There are no complaints from the security team. There seem to be no major issues of concern.

What do I think about the scalability of the solution?

The security team is responsible for this tool. I don't have more details, however, there are no complaints, so I believe that's okay.

How are customer service and support?

I don't know about the support or customer service details. It's another team's responsibility.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I don't have experience with other products similar to Snyk.

What was our ROI?

I wouldn't be able to say what the company's ROI is.

What's my experience with pricing, setup cost, and licensing?

The pricing and setup are not my responsibilities, so I don't know any details.

Which other solutions did I evaluate?

I have not evaluated any other solutions.

What other advice do I have?

Based on our experience and what I have heard internally, I would recommend Snyk.

I'd rate the solution nine out fo ten.

    Computer & Network Security

Bad Customer support, Lots of bugs and a non-working product

  • August 21, 2024
  • Review provided by G2

What do you like best about the product?
Integrate with most major code repo's. but the integration is not amazing.
What do you dislike about the product?
Customer support is slow to respond, usually not helpful and ended up escalating to a developer, that's when we lost all contact and did not get a solution to a clear bug that prevents us from using the product.
Another really important note around SBOM, the CLI does not provide all the information that you get from the UI, the solution provided was to use another tool to extract data. not sure why we pay for a product if we need to use outside, 3rd party tools to get the information we need.
What problems is the product solving and how is that benefiting you?
Security scanning, SBOM.

    Nitish U.

Very Good SAST tool to begin with

  • August 19, 2024
  • Review provided by G2

What do you like best about the product?
Integration with both Bitbucket and Github, policy as a code,
What do you dislike about the product?
Too much unnecessary false positives, policy overrides, hard and complex to manage and track alerts
What problems is the product solving and how is that benefiting you?
Help in reducing efforts on Manual VAPT, helps in identifying muliple vuln in a single package thus reduces effort to mitigate vuln with minimum number of upgrades and patches

showing 1 - 10