We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I've found the reporting features the most helpful."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"We use Kiuwan to locate the source of application vulnerabilities."
"Software analytics for a lot of different languages including ABAP."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"Fuzzer and Java APIs help a lot with our custom needs."
"The vulnerabilities that it finds, because the primary goal is to secure applications and websites."
"It updates repositories and libraries quickly."
"The solution has tightened our security."
"The OWASP's tool is free of cost, which gives it a great advantage, especially for smaller companies to make use of the tool."
"The application scanning feature is the most valuable feature."
"Integration of the programming tools could be improved."
"It could improve its scalability abilities."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"The development-to-delivery phase."
"The next release should include more flexibility in the reporting."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The configuration hasn't been that good."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
"I'd like to see a kind of feature where we can just track what our last vulnerability was and how it has improved or not. More reports that can have some kind of base-lining, I think that would be a good feature too. I'm not sure whether it can be achieved and implement but I think that would really help."
"Online documentation can be improved to utilize all features of ZAP and API methods to make use in automation."
"Lacks resources where users can internally access a learning module from the tool."
"It needs more robust reporting tools."
"The reporting feature could be more descriptive."
"It would be nice to have a solid SQL injection engine built into Zap."
"It doesn't run on absolutely every operating system."
Kiuwan is ranked 16th in Application Security Testing (AST) with 23 reviews while OWASP Zap is ranked 8th in Application Security Testing (AST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Veracode, Snyk and Mend.io, whereas OWASP Zap is most compared with SonarQube, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode. See our Kiuwan vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.