We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"Software analytics for a lot of different languages including ABAP."
"I've found the reporting features the most helpful."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"It provides value by offering options to enhance both code quality and the security of the company."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"We use the solution for security testing."
"ZAP is easy to use. The automated scan is a powerful feature. You can simulate attacks with various parameters. ZAP integrates well with SonarQube."
"They offer free access to some other tools."
"Fuzzer and Java APIs help a lot with our custom needs."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"It has improved my organization with faster security tests."
"You can run it against multiple targets."
"The development-to-delivery phase."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The product's UI has certain shortcomings, where improvements are required."
"The QA developer and security could be improved."
"Perhaps more languages supported."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"Integration of the programming tools could be improved."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"I'd like to see a kind of feature where we can just track what our last vulnerability was and how it has improved or not. More reports that can have some kind of base-lining, I think that would be a good feature too. I'm not sure whether it can be achieved and implement but I think that would really help."
"ZAP's integration with cloud-based CICD pipelines could be better. The scan should run through the entire pipeline."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created."
"They stopped their support for a short period. They've recently started to come back again. In the early days, support was much better."
"The automated vulnerability assessments that the application performs needs to be simplified as well as diversified."
"Lacks resources where users can internally access a learning module from the tool."
"The reporting feature could be more descriptive."
Kiuwan is ranked 16th in Application Security Testing (AST) with 23 reviews while OWASP Zap is ranked 7th in Application Security Testing (AST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Mend.io, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Veracode. See our Kiuwan vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.