When comparing Snyk vs OWASP Dependency-Check, the Slant community recommends Snyk for most people. In the question “What are the best DevOps security tools?” Snyk is ranked 4th while OWASP Dependency-Check is ranked 8th. The most important reason people chose Snyk is:
Snyk can connect directly to GitHub, GitLab, Heroku, AWS Lambda, Bitbucket Server etc. It is also possible to use the [CLI](https://snyk.io/docs/getting-started-with-our-cli/).
Pros
Pro Integrations
Snyk can connect directly to GitHub, GitLab, Heroku, AWS Lambda, Bitbucket Server etc. It is also possible to use the CLI.
Pro TeamCity plugin
TeamCity plugin available.
Pro Multi language support
Snyk supports .NET, Go, Java, Node.js, PHP, Python, Ruby, Scala.
Pro Free
Pro Jenkins plugin
Pro Azure DevOps Extension
An Azure DevOps Extension is available on the Visual Studio Marketplace.
Cons
Con Shallow .NET support
Only seems to check the NuGet packages and not much else.
Con ASP.NET Core is "High risk"
The TeamCity plugin fails the build for all ASP.NET Core applications, stating that it is vulnerable to DoS attacks and that "there is no fix available".
Con Needs Java
Needs Java to be installed.
Con No TeamCity plugin
There is no official TeamCity plugin, but there seems to be an unofficial tool: PacMon.
