Kiuwan Reviews

Our primary use case is to focus on and discover the vulnerabilities in our code, to clean the code and to make it safer and more secure for our customers. We are a customer of Kiuwan and sell it to our customers. We employ an analyzer for our coding.

The most valuable feature of the solution is the continuous integration process. This enables us to make the best in terms of security of our solution and not introduce new mistakes. Problems are solved step by step. 

Improvement could be made with the integration of the programming tools. The solution provides some integration tools but for now we're not using these tools very much because it's expensive and we don't get much return. In the future we might be more interested. They could also improve repositories in the solution. I also think the coding could be improved technically and include some features that could be valuable for enterprise companies.

I've been using this solution for about one year. 

It's a stable solution 

I don't think there would be problems with scalability. 

I've used the technical support sometimes but we haven't had a lot of issues. There is also a call centre and they respond quickly. For the moment, support is good. 

The key for success of this solution in relation to other similar solutions is that it's a flexible solution.

The initial setup was very straightforward. It's a cloud solution so after you sign the contract you have the solution. You just need to create the users, do the tutorials, it's simple. There's no deployment because it's a cloud service, you might just need to download a local analyzer.  We have an external consultant who performed the dynamic analysis of our code. 

With this solution you only pay for the total amount of lines of code and it's a reasonable cost. 

The solution is easy to work with. It takes a day or two to get used to it but after that it's easy to use and there's enough documentation in the tool. We haven't had problems using it. 

I would rate this product an eight out of 10. It's not perfect but it's good for us. 

We are a solution provider, and we are using this solution with one of our clients.

The primary use case for this solution is security and vulnerability testing. We are currently integrating this solution into our software development process.

We have a public cloud deployment.

This solution has improved the quality of the process, in general. This solution helps us to catch issues early on, and find problems that we never knew we had. This results in things being more secure.

The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating.

The interface is usable and friendly.

The rate of false positives, where it reports issues that are not really issues, can be improved.

Scanning of vulnerabilities on open-source projects is not particularly useful as it is.

I would like to see better integration with Azure DevOps in the next release of this solution.

This solution is stable.

We haven't encountered any issues with the scalability of this solution. It is fine.

There are five or six users who are using this solution actively. There are software developers, a solution architect, and a lead developer. The solution is just being incorporated into our process.

We haven't had any issues or need to engage with technical support.

We are also using SonarQube in parallel with this solution. SonarQube is a good product, but I prefer Kiuwan from a functional perspective.

The initial setup of this solution is very simple.

We performed the implementation ourselves.

This is a solution that I recommend.

The biggest lesson that I have learned from using this software is that we weren't as secure as we had thought. You think that you have pretty decent security until you get the tool and see where you are short. 

I would rate this solution a nine out of ten.

We have just recently adopted this solution to use for our code security. We are still new to using these kinds of tools.

We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them. Customers look for problems in code, so it is better to perform tests and prove that our code is free from vulnerabilities beforehand.

This is standard here in Spain, where the customers use the same tools to check for vulnerabilities. If we are using the same tools then it is not possible for the customers to find different problems. If we are using different tools then maybe the results would be different. We want the customer's report to list the same issues.

So far, the tool has shown us four issues, and we are starting to clean the vulnerabilities.

This program is very easy to use. I can use this tool, and I am new to these kinds of tools.

Better integration with code repositories is something that we will need.

I would like to see better integration with the Visual Studio and Eclipse IDEs.

It would be helpful to have better testing for vulnerabilities in mobile development.

We have had no issues with stability since we started working with this solution.

Currently, we are using this tool about once a week. However, we want to extend this to using the tool on a daily basis. At the moment we are only using a single test, but we want it to be used by all of the developers on their normal day.

Our solution is in the cloud, so I don't think that we'll have any problem with scalability.

We have approximately twenty developers using this solution

We did have a support case with a customer, but I was on holiday and did not interact with technical support myself. I think that the support was quick and fine.

This is our first solution for code security.

The installation of this solution is easy.

This solution is cheaper than other tools.

We ran a project to evaluate solutions and we finally chose Kiuwan. For the evaluation, we weighed both price and technical aspects of the tool, equally. We found that this is a cheaper tool for the level of quality.

We tried putting the same piece of code into different tools. For example, in Java, the tools have similar results. So for Java, there's a low cost, and the preference is for the content of the coders. For mobile development, we are not too experienced, and it is not the perfect tool because the integration with certain products is very manual. The price, however, justifies adopting this product.

For the moment, this is a solution that I could recommend. It is a cheaper way for us to enter into working on code security.

The biggest lesson that I have learned to make sure that we do not have any big security issues during development. We are confident about the vulnerabilities that are being found in our Java code, but we are not sure about other languages such as Angular. This solution may not be able to detect all of the problems that are in the code.

I would rate this solution an eight out of ten.

I use the solution for daily software development in our company.

I've found the reporting features the most helpful.

I do not have a clear idea about what could be better. I feel like the general tool is pretty good.

The next release should include more flexibility in the reporting.

The stability of the solution is all right.

The solution offers complete scalability. I'm not looking to increase usage at the moment, however.

We haven't used technical support. It's a very new tool for our company.

I would rate the complexity of setup as a medium. It's not the easiest, but it's not the most complex. Deployment takes about six months. We have four staff members for deployment and maintenance.

I am an information security manager and I collaborate with the software development team for implementation.

At this point, we do not see any ROI because at this moment we do not have any business that is completely dependant on this particular tool. I think in the next month we will have that.

We compared Kiuwan with other local solutions in Spain. We found Kiuwan had the best rates and price capabilities.

I advise using Kiuwan because it's very straightforward and totally easy to understand. It's also easy to deploy.

I would rate this solution as 8 out of 10.

I personally like the way it breaks down security vulnerabilities with LoC at first glance.

In our digital marketing efforts, our app is in continuous integration and having introduced this tool ensures we are always delivering safe code.

Perhaps more languages supported.

Six months.

None.

None.

None.

Haven't had any trouble.

So far, we've opened a couple of tickets and we got a prompt reply from their tech support team.

No.

It is very easy to deploy.

We did it ourselves.

Faster development of our app.

Nothing to add.

We looked at Sonar.

• We use Kiuwan to locate the source of application vulnerabilities.
• Saving time and money by automatically identifying problems is unbelievable.

We analyze the application code before the testing phase. We correct the most serious problems encountered and the applications are then more stable and safe when passed onto the testing phase.

The development-to-delivery phase.

We have been using Kiuwan for six months.

As a cloud solution, it was working from the first day, without any configuration necessary.

No, I did not.

No, I did not.

The customer service is always ready, using the live chat integration.

10 out of 10.

No, I did not.

No, it was automatic.

No, it wasn't necessary

I recommend contacting a sales person who will create the best plan payment plan for you, as we did.

Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices.

It is the most effective tool for IT procurement managers and directors. Technical debt metrics and action plans oriented to rejected deliveries.

Kiuwan was used internally at Optimyth. We had no surprises derivated from security, performance, or maintainability issues.

DIfferent languages, such Spanish, Portuguese, and so on.

I've used this solution for three years.

No.

No.

An eight out of 10.

In other companies I have worked for, we moved to Kiuwan/Optimyth because of the accuracy and easiness of use and setup.

Also, most of my partners and customers have moved to Kiuwan due to the metrics and programming languages supported.

Not complex. I am a salesperson without tech training and I was able to use it

Nothing special. It's a very fair model.

CAST, Sonar, and Clarify.

If they need a tool to be used across your organization (technicians, managers, and directors), this is the tool.

Have highly qualified staff or consultancy provider (code quality and governance) to define the risk model to be used and measured with Kiuwan, this increases the ROI.

We only used these products to do some demos. The feedback was very positive.

Our organization is a product distributor. We don’t use the product internally. But for the customers/leads we presented it to, they see that it can add a lot of value to validate what they receive from their providers.

From a maketing perspective, I would suggest demonstrating that using these tools will make money for the customer. The customer should have a clear vision of what they purchsed and what they received. They should push more technical articles on LinkedIn. There is always space to make things better, but for now, it is making a difference.

These products have some dreams, as I heard from some Dev Managers, but I’m sure that with a closer relationship, we can upscale that.

We are only showing the product to leads as demos.

The technical support is very good. We have received valid answers to our questions.

We had some experienced with Rational and Compuware, in addition to the APM tools that we distribute.

The pricing and licensing models are poor. If it has a SaaS, the hybrid solution will be enough.

We did very careful research of solutions on the market and chose this one for our demos.

“A fool with a tool is still a fool”. Chose somebody who can add the right processes, methods, and techniques to actually implement the customers' objectives. We try to build a eco-system to cross-sell our solutions.

There is a mix between maturity and money. That is the barrier to break before showing the customer that he is purchasing something without risks before he goes into production. They should focus on a product that adds value to the corporation.