CAST Highlight vs. Snyk

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
CAST Highlight
Score 8.2 out of 10
Enterprise companies (1,001+ employees)
CAST headquartered in New York offers Highlight, an application portfolio management solution providing software component analysis , application security, application benchmarking, and technical due diligence.
$25,000
Portfolio Size 25
Snyk
Score 8.2 out of 10
N/A
Snyk’s Developer Security Platform automatically integrates with a developer’s workflow and helps security teams to collaborate with their development teams. It boasts a developer-first approach that ensures organizations can secure all of the critical components of their applications from code to cloud, driving developer productivity, revenue growth, customer satisfaction, cost savings and an improved security posture. The vendor states Snyk is used by 1,200 customers worldwide today, including…
$0
Pricing
CAST HighlightSnyk
Editions & Modules
Cloud
25k
Portfolio Size 25
SCA
$26k
Portfolio Size 25
Complete
33k
Portfolio Size 25
Free
$0
Team (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$23
per month per user
Business (Snyk Open Source or Snyk Container or Snyk Infrastructure as Code)
$42
per month per user
Team (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$98
per month per user
Business (Snyk Open Source + Snyk Container + Snyk Code + Snyk Infrastructure as Code)
$178
per month per user
Enterprise
Contact Sales
Offerings
Pricing Offerings
CAST HighlightSnyk
Free Trial
YesYes
Free/Freemium Version
NoYes
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeOptionalNo setup fee
Additional DetailsAnnual Pricing by Size of Application PortfolioPricing is dependent on the number of developers selected, the number of products selected, and the payment term selected. Please visit the Snyk plans page for an interactive pricing calculator.
More Pricing Information
Community Pulse
CAST HighlightSnyk
Considered Both Products
CAST Highlight
Chose CAST Highlight
These other tools only do a part of what CAST does. CAST gives a comprehensive view into the code looking at all aspects, code quality, security, maintainability, vulnerability, privacy, reuse, etc. These other tools only focus on one or two dimensions.
Snyk
Chose Snyk
Unfortunately, neither cover all of the use cases that we would like so we need to use both but they are both excellent tools as part of our vulnerability management. We find that Snyk helps us better with improving our MTTR of identified vulnerabilities when compared to …
Chose Snyk
We evaluated different solutions to build Application Security SAST capabilities and foster a security first (Shift Left) culture mindset for development engineering teams. Snyk was the best fit into our picture and has all the solutions in a single platform, Snyk Enterprise …
Best Alternatives
CAST HighlightSnyk
Small Businesses

No answers on this topic

No answers on this topic

Medium-sized Companies
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
Enterprises
Veracode
Veracode
Score 8.7 out of 10
Veracode
Veracode
Score 8.7 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
CAST HighlightSnyk
Likelihood to Recommend
10.0
(0 ratings)
8.0
(0 ratings)
Support Rating
10.0
(0 ratings)
-
(0 ratings)
User Testimonials
CAST HighlightSnyk
Likelihood to Recommend
I think CAST is a great tool to give insight into your applications. The tool can be met with resistance from team members as the tool is going to expose defects that should be addressed. Out of the box, it may need some tailoring to focus on certain areas so that you are not overwhelmed with defects the first time you scan your code. But ultimately, you will want to eliminate all defects in the code and have all violations turned on.
Read full review
1) SAST Code Scan 2) Infra Code Scan 3) Docker Image Scan 4) SAS solution and provides good integration with various SCMS
Read full review
Pros
  • Identifies common coding vulnerabilities.
  • Compares code to industry best practices.
  • Assesses the code for data privacy compliance.
Read full review
  • Integration in CI/CD pipeline.
  • Periodic reporting is also an option.
  • Clear separation of issues/categories.
  • Insightful reasoning for issue and suggested solutions.
Read full review
Cons
  • Code scans could be faster. A large application may need to be broken down into smaller sub-applications in order to facilitate faster code scans.
  • We spent a lot of time trying to figure out how to best structure our code base in the application for ultimate performance.
Read full review
  • Setting up is complex and when not do no properly provides too many false positives.
  • We use another tool in parallel because it does not cover all of our languages especially for older code that is in mixed languages.
  • Integrating it with bitbucket was not straight forward.
Read full review
Usability
No answers on this topic
Developer-Centric Design - Snyk integrates directly into IDEs (like VS Code and IntelliJ), CI/CD pipelines, GitHub/GitLab, and container registries. Clear, Actionable Vulnerability report issues are categorized by severity.


Reports include fix recommendations, pull request suggestions, and links to remediation advice.
Read full review
Support Rating
Tech support and pro services are top-notch.
Read full review
No answers on this topic
Alternatives Considered
These other tools only do a part of what CAST does. CAST gives a comprehensive view into the code looking at all aspects, code quality, security, maintainability, vulnerability, privacy, reuse, etc. These other tools only focus on one or two dimensions.
Read full review
Developer-Centric Design


Snyk integrates seamlessly into the dev workflow (IDEs, Git, CI/CD).


Tools like Veracode/Fortify are security team-centric, with less developer engagement.


Unlike WhiteSource or Sonatype, Snyk has a faster learning curve and actionable fixes.
Read full review
Return on Investment
  • I believe once we had the tool working for our code base, we immediately saw positive ROI.
  • We spent some time getting to where our code code be scanned efficiently but some of that was trying to do things ourselves instead of fully utilizing Cast Professional Services. I highly recommend to do an engagement with CAST to have them help setup the tool in your environment or to run it in the cloud for you.
Read full review
  • The API is extensive enough for many integration options.
  • API keys are rotated on a non-preferred time schedule. There's no way to configure this.
  • We had a great experience with the support team and success managers while setting up the product and onboarding projects into the tool
Read full review
ScreenShots

CAST Highlight Screenshots

Screenshot of Application Portfolio ManagementScreenshot of Software Composition AnalysisScreenshot of Portfolio Advisor for Open SourceScreenshot of Portfolio Advisor for CloudScreenshot of Cloud Migration Blockers and Boosters