We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I've found the reporting features the most helpful."
"It provides value by offering options to enhance both code quality and the security of the company."
"The solution has a continuous integration process."
"The solution has tightened our security."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"The product helps users to scan and fix vulnerabilities in the pipeline."
"The HUD is a good feature that provides on-site testing and saves a lot of time."
"The scalability of this product is very good."
"It updates repositories and libraries quickly."
"You can run it against multiple targets."
"ZAP is easy to use. The automated scan is a powerful feature. You can simulate attacks with various parameters. ZAP integrates well with SonarQube."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"Integration of the programming tools could be improved."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"The configuration hasn't been that good."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The QA developer and security could be improved."
"I would like to see additional languages supported."
"ZAP's integration with cloud-based CICD pipelines could be better. The scan should run through the entire pipeline."
"Reporting format has no output, is cluttered and very long."
"The product should allow users to customize the report based on their needs."
"Online documentation can be improved to utilize all features of ZAP and API methods to make use in automation."
"It needs more robust reporting tools."
"They stopped their support for a short period. They've recently started to come back again. In the early days, support was much better."
"There isn't too much information about it online."
"The ability to search the internet for other use cases and to use the solution to make applications more secure should be addressed."
Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews while OWASP Zap is ranked 8th in Static Application Security Testing (SAST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and SonarCloud, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional. See our Kiuwan vs. OWASP Zap report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.