We performed a comparison between Fortify on Demand and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"Speed and efficiency are great features."
"It improves future security scans."
"Fortify helps us to stay updated with the newest languages and versions coming out."
"One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that."
"Being able to reduce risk overall is a very valuable feature for us."
"Each bank may have its own core banking applications with proprietary support for different programming languages. This makes Fortify particularly relevant and advantageous in those cases."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"It is an extremely robust, scalable, and stable solution."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"The solution offers very good technical support."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I've found the reporting features the most helpful."
"It provides value by offering options to enhance both code quality and the security of the company."
"The solution has a continuous integration process."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"There are many false positives identified by the solution."
"Primarily for a complex, advanced website, they don't really understand some of the functionalities. So for instance, they could tell us that there is a vulnerability because somebody could possibly do something, but they don't really understand the code to realize that we actually negate that vulnerability through some other mechanism in the program. In addition, the technical support is just not there. We have open tickets. They don't respond. Even if they respond, we're not seeing eye to eye. As the company got sold and bought, the support got worse."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"It could improve its scalability abilities."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"The QA developer and security could be improved."
"I would like to see additional languages supported."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"The configuration hasn't been that good."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Kiuwan is ranked 21st in Application Security Tools with 23 reviews. Fortify on Demand is rated 8.0, while Kiuwan is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Veracode, Snyk and SonarCloud. See our Fortify on Demand vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
