Kiuwan vs Veracode comparison

Kiuwan and Veracode are both solutions in the Application Security Tools category. Kiuwan is ranked #23 with an average rating of 7.8, while Veracode is ranked #2 with an average rating of 8.0. Kiuwan holds a 1.1% mindshare in AS, compared to Veracode’s 8.0% mindshare. Additionally, 93% of Kiuwan users are willing to recommend the solution, compared to 90% of Veracode users who would recommend it.

Kiuwan

Read 23 Kiuwan reviews

1,550 Views
1,302 Comparison Views

93% willing to recommend

Veracode

Read 204 Veracode reviews

19,783 Views
12,859 Comparison Views

90% willing to recommend

Kiuwan

Veracode

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Veracode and Kiuwan are both prominent players in the application security testing market. Veracode is often preferred for its comprehensive range of features and reliable customer support, while Kiuwan is noted for its robustness and efficient pricing structure.

Features: Veracode offers static, dynamic, and software composition analysis, ensuring thorough vulnerability detection. It provides a comprehensive security testing suite ideal for addressing a wide range of security issues. Kiuwan is known for its strong integration capabilities, detailed code quality analysis, and flexible deployment options, making it a suitable choice for environments needing adaptability and deep code insights.

Room for Improvement: Veracode could enhance reporting functionalities, improve scan speed, and refine user learning experience. Kiuwan users see potential improvements in enhancing user experience, expanding documentation clarity, and evolving the user interface for better usability.

Ease of Deployment and Customer Service: Veracode has a straightforward deployment process, though the learning curve may be challenging; customer service generally receives positive marks. Kiuwan is recognized for its easy deployment and high-quality customer support, often noted for its simplicity and effective issue resolution.

Pricing and ROI: Veracode is often seen as a premium product with higher initial costs, yet it delivers long-term ROI with its expansive security capabilities. Kiuwan offers a more budget-friendly approach with competitive pricing and reasonable ROI, appealing to users focused on cost savings.

To learn more, read our detailed Kiuwan vs. Veracode Report (Updated: September 2025).

Buyer's Guide

Kiuwan vs. Veracode

September 2025

Download the complete report

Helped 867,370 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Kiuwan

Ranking in Application Security Tools

23rd

Ranking in Static Application Security Testing (SAST)

25th

Average Rating

8.6

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

No ranking in other categories

Veracode

Ranking in Application Security Tools

2nd

Ranking in Static Application Security Testing (SAST)

2nd

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

204

Ranking in other categories

Container Security (8th), Software Composition Analysis (SCA) (3rd), Static Code Analysis (1st), Application Security Posture Management (ASPM) (2nd)

Mindshare comparison

As of September 2025, in the Application Security Tools category, the mindshare of Kiuwan is 1.1%, up from 0.9% compared to the previous year. The mindshare of Veracode is 8.0%, down from 10.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools Market Share Distribution
Product	Market Share (%)
Veracode	8.0%
Kiuwan	1.1%
Other	90.9%

Application Security Tools

Featured Reviews

Mustufa Bhavnagarwala

CyberRisk Solution Advisor at Deloitte

Though a stable tool, the UI needs improvement

Kiuwan can improve its UI a little more. The user experience can be made better. Kiuwan offers a user interface that is similar to the one offered by Windows 7 or Windows 98, which I saw when I ran the tool and tried to scan the repository to find the security issues. The product's UI has certain shortcomings, where improvements are required.

Read full review

Kv Rao

Site Leader (India) at Industrial Scientific

Integrates pipelines smoothly and fortifies code against vulnerabilities

I use Veracode in multiple places including static code analysis, penetration testing, and dynamic code analysis. It is part of our pipeline and integrates well with Bitbucket and Git pipelines The ease of integration with Bitbucket pipelines and Git pipelines is vital for us. Veracode allows us…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The solution offers very good technical support."

"We use Kiuwan to locate the source of application vulnerabilities."

"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."

"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."

"The solution has a continuous integration process."

"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."

"I have found the security and QA in the source code to be most valuable."

"I personally like the way it breaks down security vulnerabilities with LoC at first glance."

More Kiuwan pros

"Vulnerability Management and mitigation recommendations help with resolution of issues found, prior to deployment to production."

"Using an automated tool brings cost reduction and more security."

"The dashboards and the threat insights it provides are very good. The dashboards are intuitive and pretty straightforward, but also pretty detailed."

"The platform itself has a lot of AppSec best practices information, especially in the mitigation recommendation process."

"In terms of secure development, the SAST scan is very useful because we are able to identify security flaws in the code base itself, for the application."

"Provides the ability to understand the black zones in our system."

"The feature I like most in Veracode is that it clearly specifies the line in the entire file where a vulnerability is found."

"For our rapid, secure DevOps cycle, we have integration of the Vericode API into our build tool, and Greenlight into our IDE."

More Veracode pros

Cons

"DIfferent languages, such Spanish, Portuguese, and so on."

"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."

"I would like to see additional languages supported."

"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."

"The next release should include more flexibility in the reporting."

"Integration of the programming tools could be improved."

"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."

"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."

More Kiuwan cons

"An area for improvement I found in Veracode is the connectivity because currently, my company uses a plugin for the dev-ops cloud-based connectivity. A pretty helpful feature would be if Veracode gives a direct code for connecting to the Oracle server directly and authenticating it via a unique server."

"One feature I would like would be more selectivity in email alerts. While I like getting these, I would like to be able to be more granular in which ones I receive."

"There are certain shortcomings in Veracode's static analysis engine. I would improve Veracode's static analysis engine to make it capable of identifying vulnerabilities with low false positives."

"The scans were sometimes not accurate in version 2022. There were some false positives in the vulnerability reports. We used to get false positives, and we were responsible for checking all of the alerts and determining whether they were true positives or false positives. They might have already improved it. If they have not, they can look into how to mitigate false positives."

"On-premise implementation is not available."

"The UI is not user-friendly and can be improved."

"Ideally, I would like better reporting that gives me a more concise and accurate description of what my pain points are, and how to get to them."

"Maybe the boards could be made easier to understand or easier to customize."

More Veracode cons

Pricing and Cost Advice

"It follows a subscription model. I think the price is somewhere in the middle."

"Nothing special. It's a very fair model."

"Check with your account manager."

"This solution is cheaper than other tools."

"I recommend contacting a sales person who will create the best plan payment plan for you, as we did."

"The price of Kiuwan is lower than that of other tools on the market."

"Kiuwan is an open-source solution and free to use."

"The Veracode price model is based on application profiles, which is how you package your components for scanning."

"Compared to the typical software composition analysis solutions, Veracode is not so costly, although the static analysis part of it is a little costlier."

"As compared to others, it is a costly solution. It is overpriced, and many organizations with a limited budget cannot afford it. That is why they are going for other tools, but those tools are not that effective. Veracode is better in terms of quality. If you want good service, you have to pay for it."

"It is pricey. There is a lot of value in the product, but it is a costly tool."

"I found Veracode very expensive, though I'm not the person paying for it. I was surprised to find out how much the subscription costs and that the executive board approved it, but it was a no-brainer because now my company has better security scans."

"I'm unfamiliar with the solution's pricing, but it must be worth the cost from a company perspective, as we have been using it for years and have no plans to move away from it."

"The pricing is a bit high."

"Its cost for what we needed it for was too high. It wasn't too high for other companies and it was competitively priced, but for us, it just didn't fit. We did plan to use it and increase the usage. In the end, it may have been abandoned because of the cost, but I'm not a hundred percent sure. So, even though we had planned on using it more and more, because of the cost and the business conditions of things, we didn't have the opportunity to really use it more."

More Veracode pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

867,370 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

15%

University

Financial Services Firm

Comms Service Provider

Financial Services Firm

16%

Computer Software Company

16%

Manufacturing Company

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	15
Midsize Enterprise	4
Large Enterprise	6

By reviewers
Company Size	Count
Small Business	69
Midsize Enterprise	43
Large Enterprise	112

Questions from the Community

What do you like most about Kiuwan?

The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report.

See all answers

What is your experience regarding pricing and costs for Kiuwan?

I'm not entirely sure about the price and business aspects, but I assume Checkmarx might be less expensive. I think Checkmarx might offer more affordable options, especially in its smaller business...

See all answers

What needs improvement with Kiuwan?

See all answers

Which gives you more for your money - SonarQube or Veracode?

SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis. SonarQube has a great community edition, which is open-source and free. Easy to use...

See all answers

What do you like most about Veracode?

The SAST and DAST modules are great.

See all answers

What is your experience regarding pricing and costs for Veracode?

The product’s price is a bit higher compared to other solutions. However, the tool provides good vulnerability and database features. It is worth the money.

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs Kiuwan

Compared 50% of the time

Checkmarx One vs Kiuwan

Compared 10% of the time

Snyk vs Kiuwan

Compared 8% of the time

SonarQube Cloud (formerly SonarCloud) vs Kiuwan

Compared 7% of the time

Invicti vs Kiuwan

Compared 5% of the time

More Kiuwan Competitors

SonarQube Server (formerly SonarQube) vs Veracode

Compared 16% of the time

Checkmarx One vs Veracode

Compared 9% of the time

GitHub Advanced Security vs Veracode

Compared 7% of the time

OpenText Core Application Security vs Veracode

Compared 4% of the time

OWASP Zap vs Veracode

Compared 4% of the time

More Veracode Competitors

Product Reports

Buyer's Guide

Kiuwan

September 2025

Download Kiuwan product report

Buyer's Guide

Veracode

August 2025

Download Veracode product report

Also Known As

No data available

Crashtest Security , Veracode Detect

Overview

Software analytics technology with a breadth of third party integrations that takes into account the wealth of applications your teams are currently using.

We facilitate and encourage work between unlocalized teams. We understand the complexity of working on multi technology environments, constantly striving to increase the number of programming languages and technologies we support.

Kiuwan

Veracode is a leading provider of application security solutions, offering tools to identify, mitigate, and prevent vulnerabilities across the software development lifecycle. Its cloud-based platform integrates security into DevOps workflows, helping organizations ensure that their code remains secure and compliant with industry standards.

Veracode supports multiple application security testing types, including static analysis (SAST), dynamic analysis (DAST), software composition analysis (SCA), and manual penetration testing. These tools are designed to help developers detect vulnerabilities early in development while maintaining speed in deployment. Veracode also emphasizes scalability, offering features for enterprises that manage a large number of applications across different teams. Its robust reporting and analytics capabilities allow organizations to continuously monitor their security posture and track progress toward remediation.

What are the key features of Veracode?

Static Analysis (SAST) - Scans source code for vulnerabilities before deployment.
Dynamic Analysis (DAST) - Examines applications in a running state to detect flaws in real-time.
Software Composition Analysis (SCA) - Identifies risks in open-source libraries and third-party components.
Manual Penetration Testing - Offers expert analysis for more complex vulnerabilities.
Integrations with DevOps tools - Seamlessly integrates with CI/CD pipelines for automated security checks.

What benefits should users consider in Veracode reviews?

Early detection of vulnerabilities - Helps developers fix security issues early in the development process.
Scalability - Supports organizations with large-scale application portfolios.
Compliance support - Ensures applications meet various security standards and regulations.
Developer training - Provides tools for educating developers on secure coding practices.
Comprehensive reporting - Offers detailed reports that track remediation and risk trends.

Veracode is widely adopted in industries like finance, healthcare, and government, where compliance and security are critical. It helps these organizations maintain strict security standards while enabling rapid development through its integration with Agile and DevOps methodologies.

Veracode helps businesses secure their applications efficiently, ensuring they can deliver safe and compliant software at scale.

Veracode

Sample Customers

DHL, BNP Paribas, Zurich, AXA, Ernst & Young, KFC, Santander, Latam, Ferrovial

Manhattan Associates, Azalea Health, Sabre, QAD, Floor & Decor, Prophecy International, SchoolCNXT, Keap, Rekner, Cox Automotive, Automation Anywhere, State of Missouri and others.

Buyer's Guide

Kiuwan vs. Veracode

September 2025

Free Report: Kiuwan vs. Veracode

Find out what your peers are saying about Kiuwan vs. Veracode and other solutions. Updated: September 2025.

DOWNLOAD NOW

867,370 professionals have used our research since 2012.

See our Kiuwan vs. Veracode report.

See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.