No more typing reviews! Try our Samantha, our new voice AI agent.

Snyk vs Sophos Cloud Optix comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 11, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Snyk
Ranking in Cloud Security Posture Management (CSPM)
17th
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
51
Ranking in other categories
Application Performance Monitoring (APM) and Observability (21st), Application Security Tools (8th), Static Application Security Testing (SAST) (6th), GRC (5th), Cloud Management (13th), Vulnerability Management (19th), Container Security (7th), Software Composition Analysis (SCA) (3rd), Software Development Analytics (2nd), DevSecOps (3rd), Application Security Posture Management (ASPM) (2nd), AI Security (9th)
Sophos Cloud Optix
Ranking in Cloud Security Posture Management (CSPM)
29th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
5
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of May 2026, in the Cloud Security Posture Management (CSPM) category, the mindshare of Snyk is 3.2%, down from 3.3% compared to the previous year. The mindshare of Sophos Cloud Optix is 0.7%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Cloud Security Posture Management (CSPM) Mindshare Distribution
ProductMindshare (%)
Snyk3.2%
Sophos Cloud Optix0.7%
Other96.1%
Cloud Security Posture Management (CSPM)
 

Featured Reviews

Abhishek-Goyal - PeerSpot reviewer
Software Engineer at a computer software company with 11-50 employees
Improves security posture by actively reducing critical vulnerabilities and guiding remediation
Snyk's main features include open-source vulnerability scanning, code security, container security, infrastructure as code security, risk-based prioritization, development-first integration, continuous monitoring and alerting, automation, and remediation. The best features I appreciate are the vulnerability checking, vulnerability scanning, and code security capabilities, as Snyk scans all open-source dependencies for known vulnerabilities and helps with license compliance for open-source components. Snyk integrates into IDEs, allowing issues to be caught as they appear in the code dynamically and prioritizes risk while providing remediation advice. Snyk provides actionable remediation advice on where vulnerabilities can exist and where code security is compromised, automatically scanning everything and providing timely alerts. Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients. Snyk has helped reduce vulnerabilities significantly. Initially, the repository had 17 to 31 critical and high vulnerabilities, but Snyk has helped manage them down to just five vulnerabilities, which are now lower and not high or critical.
Tanzeel Iqbal - PeerSpot reviewer
DevOps Architect at Testware ApS
Cloud posture has improved and security reports drive ongoing compliance and cost control
I really appreciate most aspects of Sophos Cloud Optix, especially that we can set it up on AWS marketplace without needing to host a new machine. We can use their trial version where we can monitor a small number of resources without any additional cost. Setting up Sophos Cloud Optix on AWS is not difficult at all, also because my team has experience with it, making it very easy and quick to set up a trial version that helps us see the initial posture of our security setup as we grow, and then they charge based on the cloud resources. Sophos Cloud Optix impacts us positively in many ways, particularly in security, which is an important part. It is not just about fixing everything without a clear picture of what we have done to improve security, as there must be a portal explaining our progress, which I really appreciate, and it helps us save time and in optimization for performance and cost. While I have not seen much for cost optimization as we have another great tool for it, Sophos Cloud Optix aids us to set up our infrastructure appropriately, making sure databases are in a private network, and if systems are wrongly set up, it helps us quickly mitigate those issues and provides a report indicating the problem. I am really impressed with the way Sophos Cloud Optix provides its features, so I am not sure about any specific improvements needed. I am really satisfied about the reports Sophos Cloud Optix generates, provided in a PDF format which is very useful for our recording purposes.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"Snyk has given us really good results because it is fully automated. We don't have to scan projects every time to find vulnerabilities, as it already stores the dependencies that we are using. It monitors 24/7 to find out if there are any issues that have been reported out on the Internet."
"The customization is excellent."
"We have hundreds of source code repositories, and Snyk scans them in minutes (it just looks at package management files to identify the dependency tree), Snyk uses the same infrastructure to scan for all customers on the cloud which gives it lots of scalability opportunities compared to some other vendors where the software is installed on-prem or on a dedicated instance which makes the software pricy and limited."
"What is valuable about Snyk is its simplicity."
"Snyk has positively impacted my organization by improving the security posture across all software repositories, resulting in fewer critical vulnerabilities, more confidence in overall product security, and faster security compliance for project clients."
"The most valuable feature is that they add a lot of their own information to the vulnerabilities. They describe vulnerabilities and suggest their own mitigations or version upgrades. The information was the winning factor when we compared Snyk to others. This is what gave it more impact."
"It hits ROI for us very well in a couple of areas that we want to address: to ensure that we don't have surprises when it comes to vulnerabilities on our dependencies — libraries and images — and from a compliance point of view, we don't want to be in a situation where we're forced to publish code because someone has decided to use libraries that would force us to either publish everything under GPL or put us in a situation where licenses are not compatible and we would have to redo part of the code."
"I find Cloud Optix to be a valuable solution since it provides a single, unified dashboard to monitor cloud assets, such as AWS and Azure."
"The most valuable feature of Sophos Cloud Optix is the simple way to manage my devices on the network. Additionally, it is easy to navigate and has a user-friendly interface."
"Sophos Cloud Optix impacts us positively in many ways, particularly in security, which is an important part, and it helps us save time and in optimization for performance and cost."
"DLP is a valuable feature that we use a lot for info audits."
"The most valuable feature for me would be the solution's endpoint protection."
"Compared to Sophos, Symantec is like not having any protection at all, so once we deployed Sophos in multiple locations, we instantly had a sense of security."
"I find Cloud Optix to be a valuable solution since it provides a single, unified dashboard to monitor cloud assets, such as AWS and Azure."
 

Cons

"It would be helpful if we get a recommendation while doing the scan about the necessary things we need to implement after identifying the vulnerabilities."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code. Something along the lines where it's doing the identification of where vulnerabilities are used, etc. This would cause them to stand out in the market as a much different platform."
"They were a couple of issues which happened because Snyk lacked some documentation on the integration side."
"There are some new features that we would like to see added, e.g., more visibility into library usage for the code."
"We have seen cases where tools didn't find or recognize certain dependencies. There are some certain circumstances where the tool isn't actually finding what it's supposed to be finding, then it could be misleading."
"We tried to integrate it into our software development environment but it went really badly; it took a lot of time and prevented the developers from using the IDE."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"The log export function could be easier when shipping logs to other platforms such as Splunk."
"Sophos should enhance its AI-driven detection features and anomaly detection."
"I have not connected with Sophos Cloud Optix customer support yet, but I had a bad experience when our AWS cloud got compromised, leading to many resources being provisioned, and while Sophos Cloud Optix identified those resources, the resulting bill from AWS was quite high due to the usage charges, which I tried to investigate with the Sophos team, though I am not sure if they assisted with the refund."
"There are times when the devices are at maximum capacity, and it takes a while before the device is updated. For example, if the device has a virus, and it's not aligned to connect to the network, even after you've scanned the device, and cleaned out the virus, once the management clears the system to allow it back on the network it takes some time. It can be frustrating when you have your line manager or in management affected trying to access the network."
"The setup was a little bit complex."
"The dashboard and the process for applying policies could be more intuitive. Cloud Optix isn't that difficult once you get the hang of it, but the IT folks managing this want it to be more user-friendly."
"The dashboard and the process for applying policies could be more intuitive."
"Sophos should enhance its AI-driven detection features and anomaly detection."
 

Pricing and Cost Advice

"Pricing-wise, it is not expensive as compared to other tools. If you have a couple of licenses, you can scan a certain number of projects. It just needs to be attached to them."
"You can get a good deal with Snyk for pricing. It's a little expensive, but it is worth it."
"Presently, my company uses an open-source version of the solution. The solution's pricing can be considered quite reasonable owing to the features they offer."
"Despite Snyk's coverage, scalability, reliability, and stability, it is available at a very competitive price."
"For what Snyk offers, it has the best cost-benefit I have ever seen because you're buying the license per user."
"The license model is based on the number of contributing developers. Snyk is expensive, for a startup company will most likely use the community edition, while larger companies will buy the licensed version. The price of Snyk is more than other SLA tools."
"It's good value. That's the primary thing. It's not cheap-cheap, but it's good value."
"Cost-wise, it's similar to Veracode, but I don't know the exact cost."
"Regarding the pricing for Sophos Cloud Optix, I would say that it was a very good price."
report
Use our free recommendation engine to learn which Cloud Security Posture Management (CSPM) solutions are best for your needs.
893,244 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Computer Software Company
10%
Manufacturing Company
10%
Comms Service Provider
7%
Financial Services Firm
11%
Construction Company
9%
University
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise9
Large Enterprise22
No data available
 

Questions from the Community

How does Snyk compare with SonarQube?
Snyk does a great job identifying and reducing vulnerabilities. This solution is fully automated and monitors 24/7 to find any issues reported on the internet. It will store dependencies that you a...
What needs improvement with Snyk?
There are a lot of false positives that need to be identified and separated. The inclusion of AI to remove false positives would be beneficial. So far, I've not seen any AI features to enhance vuln...
What is your primary use case for Snyk?
I use Snyk ( /products/snyk-reviews ) in the DevOps pipeline to identify vulnerabilities before deploying the application. It integrates with Jenkins ( /products/jenkins-reviews ).
What needs improvement with Sophos Cloud Optix?
I believe there can be improvements in the logging mechanism, with more detailed information available about systems or network logs being beneficial.
What is your primary use case for Sophos Cloud Optix?
I use Sophos Cloud Optix most of the time to harden our AWS infrastructure or Azure infrastructure, and sometimes I use it to meet different types of compliance requirements such as SOC 2 and ISO 2...
What advice do you have for others considering Sophos Cloud Optix?
I have not integrated Sophos Cloud Optix with other tools, but I believe there are many integration options available. The learning curve for new users on my team with Sophos Cloud Optix is not muc...
 

Comparisons

 

Also Known As

Fugue, Snyk AppRisk
No data available
 

Overview

 

Sample Customers

StartApp, Segment, Skyscanner, DigitalOcean, Comic Relief
Information Not Available
Find out what your peers are saying about Snyk vs. Sophos Cloud Optix and other solutions. Updated: April 2026.
893,244 professionals have used our research since 2012.