We performed a comparison between Kiuwan Insights and Veracode based on real PeerSpot user reviews.
Find out what your peers are saying about Veracode, Checkmarx, OpenText and others in Static Code Analysis."Can help in reducing the number of false positives."
"I have found the interface to be perfect."
"Veracode creates a list of issues. You can go through them one by one and click through to a new window with all the information about the issue discovered."
"The product provides guidance to develop secure software."
"There are quite a few features that are very reliable, like the newly launched Veracode Pipelines Scan, which is pretty awesome. It supports the synchronous pipeline pretty well. We been using it out of the Jira plugin, and that is fantastic."
"Their dashboard is really good, overall. In my opinion, it's one of the best in the market, and I say that because we have used other service providers."
"Veracode enables us to build a strong data security layer in our platforms. We can increase customer confidence in data security. Some PCI/HIPAA compliance issues were impossible to resolve without Veracode."
"Veracode's integration with our continuous integration solution is what I've found to be the most valuable feature. It is easy to connect the two and to run scans in an automated way without needing as much manual intervention."
"The developers' awareness of the security weaknesses within their code has improved. They aren't just mitigating these issues, they are realizing these are, in fact, issues that have to be dealt with."
"It has provided what we were looking for in such an application, meaning static application security testing functionality. That was what we were interested in."
"The solution is great, but improvement is needed in the number of lines of code allowed, that is the capacity. Pricing can be improved as well."
"The solution has issues detecting intrusive methods."
"There needs to be better API integration to the development team's pipeline, which is something that is missing and needs to be improved."
"The security labs integration has room for improvement."
"The GUI requires significant simplification, as its current complexity creates a steep learning curve for new users."
"The number of false positives could be reduced a lot. For each good result, we are getting somewhere around 15 to 20 false positives."
"Veracode does not support scans for .NET Blazor server applications."
"It could have better integration with our pipeline. If we could have better integration with our application pipeline, e.g., Jira, Bamboo, or Azure DevOps, then that will be very helpful. Right now, it is quite hard to integrate the solution into our existing pipeline."
"I would like to see them provide more content in the developer training section. This field is really changing each day and there are flaws that are detected each day. Some sort of regular updates to the learning would help."
"Veracode should provide more flexibility in its pricing and licensing modules so that it could be more affordable for all types of projects and not only for very active mission-critical projects."
Earn 20 points
Kiuwan Insights is ranked 12th in Static Code Analysis while Veracode is ranked 1st in Static Code Analysis with 194 reviews. Kiuwan Insights is rated 4.0, while Veracode is rated 8.2. The top reviewer of Kiuwan Insights writes "Protects problematic libraries; sorely lacking in customer services". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Kiuwan Insights is most compared with , whereas Veracode is most compared with SonarQube, Checkmarx One, Fortify on Demand, Snyk and OWASP Zap.
See our list of best Static Code Analysis vendors.
We monitor all Static Code Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.