We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution has a continuous integration process."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I've found the reporting features the most helpful."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"We use Kiuwan to locate the source of application vulnerabilities."
"The interface is easy to use."
"The solution has tightened our security."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"It's great that we can use it with Portswigger Burp."
"The OWASP's tool is free of cost, which gives it a great advantage, especially for smaller companies to make use of the tool."
"It has improved my organization with faster security tests."
"Two features are valuable. The first one is that the scan gets completed really quickly, and the second one is that even though it searches in a limited scope, what it does in that limited scope is very good. When you use Zap for testing, you're only using it for specific aspects or you're only looking for certain things. It works very well in that limited scope."
"Fuzzer and Java APIs help a lot with our custom needs."
"It could improve its scalability abilities."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The configuration hasn't been that good."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The QA developer and security could be improved."
"Perhaps more languages supported."
"The development-to-delivery phase."
"The product's UI has certain shortcomings, where improvements are required."
"I prefer Burp Suite to SWASP Zap because of the extensive coverage it offers."
"The reporting feature could be more descriptive."
"The documentation is lacking and out-of-date, it really needs more love."
"ZAP's integration with cloud-based CICD pipelines could be better. The scan should run through the entire pipeline."
"It would be a great improvement if they could include a marketplace to add extra features to the tool."
"It would be ideal if I could try some pre-built deployment scenarios so that I don't have to worry about whether the configuration sector team is doing it right or wrong. That would be very helpful."
"If there was an easier to understand exactly what has been checked and what has not been checked, it would make this solution better. We have to trust that it has checked all known vulnerabilities but it's a bit hard to see after the scanning."
"It would be beneficial to enhance the algorithm to provide better summaries of automatic scanning results."
Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews while OWASP Zap is ranked 7th in Static Application Security Testing (SAST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and SonarCloud, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional. See our Kiuwan vs. OWASP Zap report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.