We performed a comparison between Snyk and Kiuwan based on our users’ reviews in four categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Based on the parameters we compared, Snyk comes out ahead of Kiuwan. Kiuwan has difficulties with the initial setup and installation, which may deter some potential users. Also, there is no phone or chat support available.
"We use Kiuwan to locate the source of application vulnerabilities."
"The solution has a continuous integration process."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I've found the reporting features the most helpful."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"It is a stable solution. Stability-wise, I rate the solution a ten out of ten."
"Our overall security has improved. We are running fewer severities and vulnerabilities in our packages. We fixed a lot of the vulnerabilities that we didn't know were there."
"Snyk helps me pinpoint security errors in my code."
"The most valuable features of Snyk are vulnerability scanning and automation. The automation the solution brings around vulnerability scanning is useful."
"The most valuable features are their GitLab and JIRA integrations. The GitLab integration lets us pull projects in pretty easily, so that it's pretty minimal for developers to get it set up. Using the JIRA integration, it's also pretty easy to get the information that is generated, as a result of that GitLab integration, back to our teams in a non-intrusive way and in a workflow that we are already using."
"The dependency checks of the libraries are very valuable, but the licensing part is also very important because, with open source components, licensing can be all over the place. Our project is not an open source project, but we do use quite a lot of open source components and we want to make sure that we don't have surprises in there."
"The most valuable feature of Snyk is the software composition analysis."
"I am impressed with the product's security vulnerability detection. My peers in security are praising the tool for its accuracy to detect security vulnerabilities. The product is very easy to onboard. It doesn't require a lot of preparation or prerequisites. It's a bit of a plug-and-play as long as you're using a package manager or for example, you are using a GitHub repository. And that is an advantage for this tool because developers don't want to add more tools to what they're currently using."
"The next release should include more flexibility in the reporting."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"The QA developer and security could be improved."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"I would like to see additional languages supported."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"A feature we would like to see is the ability to archive and store historical data, without actually deleting it. It's a problem because it throws my numbers off. When I'm looking at the dashboard's current vulnerabilities, it's not accurate."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
"There is always more work to do around managing the volume of information when you've got thousands of vulnerabilities. Trying to get those down to zero is virtually impossible, either through ignoring them all or through fixing them. That filtering or information management is always going to be something that can be improved."
"The documentation sometimes is not relevant. It does not cover the latest updates, scanning, and configurations. The documentation for some things is wrong and does not cover some configuration scannings for the multiple project settings."
"We use Bamboo for CI.CD, and we had problems integrating Snyk with it. Ultimately, we got the two solutions to work together, but it was difficult."
"Generating reports and visibility through reports are definitely things they can do better."
"The product is very expensive."
Kiuwan is ranked 22nd in Application Security Tools with 23 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. Kiuwan is rated 8.6, while Snyk is rated 8.2. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Kiuwan is most compared with SonarQube, Checkmarx One, Veracode, Fortify on Demand and SonarCloud, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode. See our Kiuwan vs. Snyk report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.