We performed a comparison between Fortify on Demand and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"The solution saves us a lot of money. We're trying to reduce exposure and costs related to remediation."
"Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"The solution is user-friendly."
"It is an extremely robust, scalable, and stable solution."
"The most valuable features of Micro Focus Fortify on Demand have been SAT analysis and application security."
"It improves future security scans."
"The features that I have found most valuable include its security scan, the vulnerability finds, and the web interface to search and review the issues."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"I have found the security and QA in the source code to be most valuable."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"It provides value by offering options to enhance both code quality and the security of the company."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"The thing that could be improved is reducing the cost of usage and including some of the most pricey features, such as dynamic analysis and that sort of functionality, which makes the difference between different types of tools."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"The UI could be better. Fortify should also suggest new packages in the product that can be upgraded. Currently, it shows that, but it's not visible enough. In future versions, I would like more insights about the types of vulnerabilities and the pages associated with the exact CVE."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"The products must provide better integration with build tools."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"The development-to-delivery phase."
"The next release should include more flexibility in the reporting."
"The product's UI has certain shortcomings, where improvements are required."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The QA developer and security could be improved."
"The configuration hasn't been that good."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while Kiuwan is ranked 22nd in Application Security Tools with 23 reviews. Fortify on Demand is rated 8.0, while Kiuwan is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and OWASP Zap. See our Fortify on Demand vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.