We performed a comparison between Kiuwan and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I've found the reporting features the most helpful."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"I have found the security and QA in the source code to be most valuable."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"It provides value by offering options to enhance both code quality and the security of the company."
"Veracode is very easy to use."
"The pricing is worth it."
"Regarding Software Composition Analysis, an exceptional feature is that during a SAST scan, SCA is seamlessly conducted in the background."
"One thing that I like about Veracode is that it is quite a good tool for dynamic application testing."
"I like the sandbox, the ability to upload compiled code, and how easy it is."
"Integrations into our developer's IDE (Greenlight) and the DevOps Pipeline SAST / SourceClear Integrations has particularly increased our time to market and confidence."
"Veracode's integration with our continuous integration solution is what I've found to be the most valuable feature. It is easy to connect the two and to run scans in an automated way without needing as much manual intervention."
"Because it is a SaaS offering, I do not have to support the infrastructure."
"I would like to see additional languages supported."
"Integration of the programming tools could be improved."
"The QA developer and security could be improved."
"Perhaps more languages supported."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The ideal situation in terms of putting the results in front of the developers would be with Veracode integration into the developer environment (IDE). They do have a plugin, which we've used in the past, but we were not as positive about it."
"One feature I would like would be more selectivity in email alerts. While I like getting these, I would like to be able to be more granular in which ones I receive."
"The training lab is not very user-friendly and takes a long time to set up."
"Calypso (our application) is large and the results take up to two months. Further, we also have to package Calypso in a special manner to meet size guidelines."
"We have some constraints interacting with Veracode self-support. I'm not talking about their technical support. I'm talking about self-support. We sometimes have a hard time communicating with them."
"I think for us the biggest improvement would be to have an indicator when there's something wrong with a scan."
"The overall reporting structure is complicated, and it's difficult to understand the report."
"The negative that I found is that it has a subscription-based model."
Kiuwan is ranked 21st in Application Security Tools with 23 reviews while Veracode is ranked 2nd in Application Security Tools with 194 reviews. Kiuwan is rated 8.6, while Veracode is rated 8.2. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and SonarCloud, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap. See our Kiuwan vs. Veracode report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.