Snyk Review

Customer Reference Rating: 4.8
Devices Supported
  • Windows
  • Mac
  • Web-based
Customer Types
  • < 50 Small Businesses
  • < 250 Medium Businesses
  • 250+ Large Businesses
  • 74 Testimonials
  • 60 Case Studies
  • 17 Customer Videos

Overview

Snyk enables you to become a secure developer. Open source can help to improve your productivity, but using others’ code without vetting it for security can place your app at risk. Snyk empowers you to detect and correct known weak links in your open source. The software has been designed by top-notch security researchers and developers.

Snyk allows organizations to securely utilize open source. This platform proactively and seamlessly finds and resolves license violations and vulnerabilities in Docker images and open source dependencies. The vendor integrates the software with their large vulnerability database maintained by their specialist security research squad in London and Israel.

Benefits

What is Snyk for Enterprise Security?

Gain visibility on open source risk and enable your developers to meet the challenges of resolving it.

Find Vulnerabilities

Map the complete application dependency tree

Detect weak links in all open source dependencies

Utilize API, integrations, or CLI to add projects to be tested

Constantly test for newly revealed vulnerabilities

Dependencies are examined against the platform’s vast vulnerability database

Reports (Standard Plan and Up)

Visibility – See the status of all your license issues and security vulnerabilities in a single location, with an overview designed for display on a large screen.

Accountability – View how swiftly your team resolves issues.

Auditable – An inventory of all the dependencies utilized in your projects that can be exported as a CSV.

Licenses (Standard Plan and Up)

Review compliance – Obtain an inventory of the licenses utilized in your projects and their dependencies.

Remain compliant – Prevent risky licenses from being used when a GitHub pull request is made.

Custom policy – Produce a bespoke license policy for your enterprise. Define the severity level of particular licenses and get alerts when a project uses a problematic license.

Groups (Pro Plan and Up)

Team flexibility – Define areas for your teams to concentrate on the projects pertinent to them.

Superpowered reports – Obtain an overview of your weak link status across all your companies.

Fast filters – Include filters in your reports so you can swiftly access important data.

Product Features

  • Vulnerability scanning and assessment
  • Risk management
  • Prioritization
  • Policy management
  • Patch management
  • Asset discovery and tagging

Pricing

Free Plan

  • Unlimited tests on open-source projects
  • Up to 100 container tests, 200 tests on private projects
  • Azure Repos, Bitbucket Cloud, GitHub.com, & GitLab.com (Cloud Git) integration
  • Remediation for open-source projects
  • CI/CD pipeline integration
  • Continuous monitoring

Standard Plan

  • $599/mo (billed annually) for 25 developers

Same as the Free plan, plus:

  • Unlimited application dependency tests
  • Reports
  • Bill of Materials
  • Licenses
  • Rich API
  • Unlimited container tests (optional add-on)

Pro Plan

  • $1659/mo (billed annually) for 50 developers

Same as the Standard plan, plus:

  • On Prem Git (GitLab, Bitbucket, GitHub)
  • Single Sign On (SSO)
  • Teams & Groups
  • Jira integration
  • Service Accounts
  • Unlimited container tests (optional add-on)

Enterprise Plan

  • Hosted & On-premise
  • 150+ developers

Same as the Pro plan, plus:

  • On Premise: Fully featured, Seamless installation, Air-gapped network support
  • Support & SLAs
  • Account management
  • Custom legal terms
  • Band pricing
  • Unlimited container tests (optional add-on)

Customer Support

  • Support Tickets