Kiuwan Code Security & Insights Reviews & Product Details

Kiuwan Code Security & Insights Overview

What is Kiuwan Code Security & Insights?

Build secure applications from the start with Kiuwan Code Security, a SAST solution. Scan your application source code to detect and eliminate vulnerabilities using over 4000 constantly-updated rules based on 25 security standards, including CWE/SANS 25, OWASP Top 10, PCI DSS, HIPAA, and more. Kiuwan Code Security covers major programming languages and integrates with leading IDEs and DevOps tools. Advanced analytics provide remediation action plans for product managers and security teams with "what-if" analysis, tailored to your unique business requirements.

Reduce risk from open source components with Kiuwan Insights, a Software Composition Analysis (SCA) solution. Automatically generate an inventory of open source components, identify and manage known vulnerabilities, ensure licensing compliance, and get automatic obsolescence notifications.

Kiuwan (a division of Idera, Inc.) provides application security testing tools to over 500 companies worldwide, including such recognizable names as KFC, DHL, Siemens, HP, BBVA, and Roche. Kiuwan’s worldwide headquarters are in Madrid, with satellite offices in Milan, Paris, and Valladolid, Spain. The company’s US headquarters are in Houston, Texas.

Kiuwan Code Security & Insights Details
Languages Supported
English
Product Description

Provides an end-to-end Application Security platform to bring you objective data so you can make informed decisions regarding the security, risk, cost, activity, quality, maintainability, efficiency and dependencies of your applications.

How do you position yourself against your competitors?

Kiuwan Code Security delivers the fastest code security analysis with the broadest coverage of programming languages in the market, all at a highly competitive price.

Keep your code in-house and scan on your own local server, or use our secure cloud-based SaaS solution. Save time with a low rate of False Positives and False Negatives.

Generate an automatic action plan based on the types of vulnerabilities that matter most to you. Conduct "what-if" analysis based on the level of security you want to attain and the effort required.

We offer flexible licensing options for continuous scanning, or on-demand "audit scans". And Kiuwan is the only major vendor to offer a free, full-featured trial for all supported programming languages.


Seller Details
Seller
Kiuwan
Year Founded
2003
HQ Location
Houston, TX
Twitter
@Kiuwan
3,917 Twitter followers
LinkedIn® Page
www.linkedin.com
33 employees on LinkedIn®

Kiuwan Code Security & Insights Reviews

Showing 22 Kiuwan Code Security & Insights reviews
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

Integrations with Jenkins and view reports. I like how you can handle and move around the environment handling the definition and indication of where the correction should be applied. Many people do not have this access and cannot handle this type of information. But for the company it was very important. I also really like the great color that the environment has. This helps a lot to be able to detect with priority which problem I should tackle first. I also quite liked the easy integration with Jenkins. For me this was quite important. The use of additional parameters and all parameters. I also liked how the projects can be separated to group the reports. Review collected by and hosted on G2.com.

What do you dislike?

I did not like not having the option to view the report from the registry of the local Kiuwan analyzer. I think I should be able to see the reports from the local tool and be able to export them to XML files to be able to see these reports directly from Jenkins and not have to go to log in to the Kiuwan portal and go to review the results there. This type of limitation is quite cumbersome. You have to make many improvements in this.

Recommendations to others considering the product:

Use it, the experience is second to none.

What problems are you solving with the product? What benefits have you realized?

I have been able to solve big security problems and bad practices in my code. I could also solve the errors and problems that our development team did not contemplate before. Many things are also solved when the reports are viewed.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you very much for your review! We have taken your feedback for improvement into consideration.

Technical lead
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

What I like the most is being able to launch the analysis locally without having to wait for the analysis queues. It is also very easy to configure and create your own rules.

What do you dislike?

I have to investigate the integration with git for sending emails to the person who has uploaded bad code. I think it is not yet possible or it is difficult to configure.

Recommendations to others considering the product:

I recommend Kiuwan for its independence with a central code analytics server that can get cluttered if there are too many applications to analyze. In addition, its price is quite competitive.

Code snippet analysis can be performed without having to analyze the entire application. Very good if you only have to analyze one patch.

It greatly streamlines static code analysis and can increase team productivity.

What problems are you solving with the product? What benefits have you realized?

The speed in which I obtain my analysis of static code in my premises without depending on an analysis server.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review and for using Kiuwan! We will take your feedback into account.

Cybersecurity Software engineer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

Kiuwan is a powerful tool that helps our developers to create secure software.

Also, the code quality component is very good. It provides a lot of information of governance and it has support for many languages and frameworks.

It's well integrated with other tools like development environments or continuous integration tools like Jenkins. You could integrate easily Kiuwan in your SDLC.

The Kiuwan support team is very effective.

What do you dislike?

Like any SAST tool, Kiuwan creates some false positives.

Kiuwan doesn't have a notification system to inform the development teams and auditors.

Sometimes it's complicated to understand the description of the vulnerabilities detected by the tool.

It's necessary to improve the review of a defect.

Recommendations to others considering the product:

It's a good tool to analyze the security and quality of your projects.

You could customize your portfolio adding attributes to improve the visibility and the governance of the projects.

You could manage the models used to analyze the source code. Also, you could modify a lot of rules associated to multiple technologies.

What problems are you solving with the product? What benefits have you realized?

We include the solution in our SDLC, decreasing the cost of the projects and the number of vulnerabilities in production environments.

With Kiuwan, we have a more robust software, easy to maintain.

We have the visibility of the status of all the projects analyzed. We could estimate the cost and the effort to solve the defects.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you very much for your detailed review! We are happy you chose to use Kiuwan's solutions for your project.

Chief Information Security Officer
Mid-Market(51-1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

A lot of compatibility with different coding languages and good size metrics.

What do you dislike?

More document regular error issues will be great.

What problems are you solving with the product? What benefits have you realized?

Code Review for PCI Compliance and internal code security metrics.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We are glad you chose Kiuwan for your project.

Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

We have integrated Kiuwan in our DevOps chain without issues, using TFS and other tools in this chain. We have already found a good bunch of security leaks, especially in older versions of our soon developments. We manage very different code languages and versions, the "dialects" covered by Kiuwan are very complete in this case. A very nice feature is the integration with code editors and IDEs.

What do you dislike?

Maybe the licensing politics per MLoC, an unlimited enterprise license would be better. MLoC make you continuously review the licensing conditions and this is not very comfortable in our case, where we are continuously developing new and taking out old lines of code. Another nice to have would be to integrate your code checking plugins with free but fully functional editors like Atom or others.

Recommendations to others considering the product:

Check if you can use Kiuwan in your continuous development process. Be aware of the languages you want to check and especially be sure to not necessarily include third party code libraries as for example JavaScript libraries or other open source libraries as these will increment your code amount very rapidly. Be sure that you include only the code versions that you are using, this for the same reason as the previous point. If you are using TFS or any kind of Git as code repository be sure to include only the life versions of your code development. A very nice to have is to include the code analysis right into your IDE, this avoids errors right from the beginning, further complete analysis will be faster and more controllable.

What problems are you solving with the product? What benefits have you realized?

We are continuously improving our code quality and closing security holes in all of our code, both new development and legacy code which in some cases is more than 20 years old.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We will take your feedback for improvement into consideration. We are committed to improving the usability of Kiuwan for all users.

AC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Knowledge about what you REALLY have in your solutions. For us it is like buying a car knowing every part detailed how it's working in the engine, detailing the future problem we can have with everyone.

If your car outside is very nice but not inside your purchase was not good. And we buy code and sell applications to our businesses. It's one of our main tools to produce code with quality.

What do you dislike?

Perhaps I'd like to have the possibility to change the ponderation of every concept and accessing directly to the tables to get the information we can need, instead of having to get this info via API. Sometimes when you have the administration it's very fast to have access to the database to solve something or have some answers. Building an API takes time.

Recommendations to others considering the product:

I recommend KCS&Insights as a way to have a better quality and security of your code. We are very happy and we're now implementing this tool in other areas in our company.

What problems are you solving with the product? What benefits have you realized?

We are now starting analyzing apps with Insights but we're now realizing the components we are using and the obsolescence associated. We have been thinking about a project to remove these kind of components. We cannot have critical applications depending on different components that we don't have the security they are going to have support, updates, etc.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your detailed review! We will take your suggestions for improvement into consideration.

Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Real time agent status monitoring, agent logging and it is very cost effective compared to its performance and the features it offers. I like the way it assesses the applications.

What do you dislike?

The tool Kiuwan SAST is oblivious of the inner workings of the application being tested. It is unaware of some programming languages, need to add more and need to improve the performance.

What problems are you solving with the product? What benefits have you realized?

Our business was looking for a solution that reduces/stops web application attacks and protects our data at the same time. It's a very user-friendly product, simple to use, not complicated as compared to others.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you so much for your review! We will take your comments into consideration. Regarding the addition of new languages, we are constantly working on adding more. You can keep track of our supported languages here: https://www.kiuwan.com/languages/.

Technical Manager in IT Directorate
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

The components of Kiuwan help us to dig into our source code and discover hidden flaws that may compromise its security and maintenance. They are easily configurable, providing ready-to-use information.

What do you dislike?

The integration with CI tools was not as easy as we had expected, but it could have well been due to our lack of experience with the tool.

What problems are you solving with the product? What benefits have you realized?

There has been an increased concern about cybersecurity in the company and we benefit from code security analysis. Furthermore, in the evolution of our software framework to CI, we have detected inconsistencies in the use of third-party libraries, so Insights is a powerful tool.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We are sorry to hear you had issues integrating Kiuwan with CI tools. We provide extensive documentation on integrations: https://www.kiuwan.com/docs/display/K5/Developers+-+Integrations. And our support team is happy to help if you encounter any further issues.

ET
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

It's easy to deploy in your company, easy to use and powerful reviews. Kiuwan has a lot of plugins and possibilities (API, plugins etc.) to integrate the solution with your software development pipelines.

The privacy is another important thing for us, and Kiuwan allows different possibilities to manage private code.

What do you dislike?

Insights (Software Composition Analysis or third party technical debt) and Architecture (software components relationships) should be part of the main product.

What problems are you solving with the product? What benefits have you realized?

Integrate source code analysis in your pipelines, also covering ABAP and iOS development. Use it as part of your SAP pipelines.

Easy to deploy and without having to pay for new code languages, SaaS solution with everything needed.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review and for choosing the Kiuwan Solutions for your project!

Test automation specialist for INCIBE
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

Kiuwan supports multiple projects quality and security.

What do you dislike?

Difficult to mark false positives because it changes with new code.

What problems are you solving with the product? What benefits have you realized?

We discover multiple security problems on our code.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We will take your comments into consideration.

CB
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from the seller
What do you like best?

I like the interface because it's more attractive than your competitors.

What do you dislike?

I don't like the results report, because sometimes it's complicated for newbie users.

What problems are you solving with the product? What benefits have you realized?

I can resolve a lot of security problems (I have deactivated the other types of rules).

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your feedback! We are happy to have you as a customer.

Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Easy to use, the graphics are very useful, you can see easily where is the problem.

What do you dislike?

Action plans, is not easy to use, has a lot of complexity.

What problems are you solving with the product? What benefits have you realized?

Security problems.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We will take your feedback into consideration. We are constantly working on improving the usability of Kiuwan.

Cybersecurity engineer. Transport area
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

The possibility of grouping all applications in portfolios. We also quite like the option to give different types of users permissions on these portfolios. For our business this is very useful to governance level.

What do you dislike?

I think the application often lacks filters.

Another area of improvement is the possibility of exporting results to a report directly from a summary of a portfolio and not individually by application.

What problems are you solving with the product? What benefits have you realized?

In our business it is important to solve vulnerabilities regarding to code injection and Kiuwan helps us.

CEO, IT Security Expert
Information Technology and Services
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Easy integration with internal applications is the best key value for end user as well as good and valuable output from the analysis. Application has nice web portal and good integration with Azure authentication. Also TFS integration is on good level. I recommend using the Kiuwan service, support is also very good.

What do you dislike?

For novice user web interface could be complex at the beginning.

Recommendations to others considering the product:

Good start SAST tool!

What problems are you solving with the product? What benefits have you realized?

Better visibility on internal flaws in application code.

Cybersecurity Sales Specialist
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Great tool for developers to validate code compliance. Management for oversight progress and forecasting. Also easy integration on CD / CI environment.

What do you dislike?

I consider that some vulnerabilities are not detected in Kiuwan.

What problems are you solving with the product? What benefits have you realized?

With Kiuwan we now have the ability to analyse and block bad code and start in an easy and clean way to optimize our code and fasten our applications.

CC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Ease of use, messages with possible solutions, very intuitive, with many customization options.

What do you dislike?

Most negative point: complex source code upload, although it has improved a lot over the versions.

What problems are you solving with the product? What benefits have you realized?

More secure, reusable and optimized code.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review! We will take your comments into consideration.

AI
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

The fact that there is a service in TFS that could automate the scan.

What do you dislike?

Lack of automation with some services and integration.

What problems are you solving with the product? What benefits have you realized?

We want a clean code and secure one.

Response from Giulia Di Pietro of Kiuwan Code Security & Insights

Thank you for your review!

Senior .Net Developer
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Kiuwan not only is the only provider that we found that gives correct results but the support is amazing and there are tools that help us easily integrate it into our DevSecOps pipeline.

What do you dislike?

No downsides for us thus far as all our requirements have been met by the product.

What problems are you solving with the product? What benefits have you realized?

Code security within our DevSecOps process.

AB
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Easy to use and to set up. Fast scans post the first one. Supports Micro Focus COBOL.

What do you dislike?

The project screen could use an update. The score should use a numeric metric instead of stars. Inside Azure the scan has to be checked in the Kiuwan platform.

Recommendations to others considering the product:

Always define first your security assets, it would help you set your reach inside the realm of reality.

What problems are you solving with the product? What benefits have you realized?

Static scan of code. Two major features should always be low false positives and fast scans.

CH
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

Kiuwan is a very versatile tool, it allows you to review different programming languages, and what I like most is the ability to establish an action plan with times according to the vulnerabilities found.

What do you dislike?

The tool increased a lot in price in the last year.

Recommendations to others considering the product:

Always look for a supplier with experience in the Kiuwan tool.

What problems are you solving with the product? What benefits have you realized?

The tool serves to perform static code review of critical applications, and also allows compliance with different standards and regulations.

Technology area manager
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
What do you like best?

Security scan analysis and excellent reporting system.

What do you dislike?

Poor email notifications. Not trivial integration with SVN.

What problems are you solving with the product? What benefits have you realized?

Compliance.

UC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from the seller
Business partner of the seller or seller's competitor, not included in G2 scores.
What do you like best?

The scan dashboard results are great, it’s one place to find all security vulnerabilities.

What do you dislike?

It’s expensive compared to other products in the markets.

What problems are you solving with the product? What benefits have you realized?

Reduced security issues with clients, specifically SQL injection.