We performed a comparison between Checkmarx One and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use the solution for dynamic application testing."
"The solution has good performance, it is able to compute in 10 to 15 minutes."
"I like that you don't have to compile the code in order to execute static code analysis. So, it's very handy."
"The only thing I like is that Checkmarx does not need to compile."
"The product's most valuable feature is static code and supply chain effect analysis. It provides a lot of visibility."
"Less false positive errors as compared to any other solution."
"Our static operation security has been able to identify more security issues since implementing this solution."
"We were using HPE Security Fortify to scan code for security vulnerabilities, but it can scan only after a successful compile. If the code has dependencies or build errors, the scan fails. With Checkmarx, pre-compile scanning is seamless. This allows us to scan more code."
"It provides value by offering options to enhance both code quality and the security of the company."
"We use Kiuwan to locate the source of application vulnerabilities."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The solution offers very good technical support."
"I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"We can run only one project at a time."
"The validation process needs to be sped up."
"We have received some feedback from our customers who are receiving a large number of false positives."
"Checkmarx reports many false positives that we need to manually segregate and mark “Not exploitable”."
"It provides us with quite a handful of false positive issues. If Checkmarx could reduce this number, it would be a great tool to use."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"Checkmarx is not good because it has too many false positive issues."
"Checkmarx could improve the REST APIs by including automation."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"DIfferent languages, such Spanish, Portuguese, and so on."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"It could improve its scalability abilities."
"I would like to see additional languages supported."
Checkmarx One is ranked 3rd in Application Security Tools with 67 reviews while Kiuwan is ranked 22nd in Application Security Tools with 23 reviews. Checkmarx One is rated 7.6, while Kiuwan is rated 8.6. The top reviewer of Checkmarx One writes "The report function is a great, configurable asset but sometimes yields false positives". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Checkmarx One is most compared with SonarQube, Veracode, Fortify on Demand, Snyk and Coverity, whereas Kiuwan is most compared with SonarQube, Snyk, Veracode, Fortify on Demand and SonarCloud. See our Checkmarx One vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.