We performed a comparison between Fortify on Demand and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is user-friendly. One feature I find very effective is the tool's automatic scanning capability. It scans replicas of the code developers write and automatically detects any vulnerabilities. The integration with CI/CD tools is also useful for plugins."
"One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"I don’t know of any other On-Demand enterprise solution like this one where we can load the details and within a few days, receive the results of intrusion attacks, and work with HP Security Experts when needed for clarification"
"Micro Focus WebInspect and Fortify code analysis tools are fully integrated with SSC portals and can instantly register to error tracking systems, like TFS and JIRA."
"Being able to reduce risk overall is a very valuable feature for us."
"We have the option to test applications with or without credentials."
"The scanning capabilities, particularly for our repositories, have been invaluable."
"Fortify on Demand can be scaled very easily."
"I've found the reporting features the most helpful."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"We use Kiuwan to locate the source of application vulnerabilities."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"The solution has a continuous integration process."
"The solution offers very good technical support."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"We have some stability issues, but they are minimal."
"The Visual Studio plugin seems to hang when a scan is run on big projects. I would expect some improvements there."
"We typically do our bulk uploads of our scans with some automation at the end of the development cycle but the scanning can take a lot of time. If you were doing all of it at regular intervals it would still consume a lot of time. This could procedure could improve."
"In terms of communication, they can integrate a few more third-party tools. It would be great if we can have more options for microservice communication. They can also improve the securability a bit more because security is one of the biggest aspects these days when you are using the cloud. Some more security features would be really helpful."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
".NET code scanning is still dependent on building the code base before running any scan. Also, it's dependent on an IDE such as Visual Studio."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"It would be highly beneficial if Fortify on Demand incorporated runtime analysis, similar to how Contrast Security utilizes agents for proactive application security."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"Perhaps more languages supported."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"DIfferent languages, such Spanish, Portuguese, and so on."
"I would like to see additional languages supported."
"The next release should include more flexibility in the reporting."
"The development-to-delivery phase."
Fortify on Demand is ranked 8th in Application Security Tools with 57 reviews while Kiuwan is ranked 22nd in Application Security Tools with 23 reviews. Fortify on Demand is rated 8.0, while Kiuwan is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and OWASP Zap. See our Fortify on Demand vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
