We performed a comparison between HCL AppScan and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This is a stable solution."
"It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code."
"It was easy to set up."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"There's extensive functionality with custom rules and a custom knowledge base."
"We are now deploying less defects to production."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I've found the reporting features the most helpful."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"Software analytics for a lot of different languages including ABAP."
"The solution has a continuous integration process."
"We use Kiuwan to locate the source of application vulnerabilities."
"Sometimes it doesn't work so well."
"The product has some technical limitations."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"Scans become slow on large websites."
"A desktop version should be added."
"IBM Security AppScan Source is rather hard to use."
"It has crashed at times."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"The configuration hasn't been that good."
"Integration of the programming tools could be improved."
"The next release should include more flexibility in the reporting."
"The QA developer and security could be improved."
"It could improve its scalability abilities."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"DIfferent languages, such Spanish, Portuguese, and so on."
HCL AppScan is ranked 14th in Application Security Tools with 41 reviews while Kiuwan is ranked 22nd in Application Security Tools with 23 reviews. HCL AppScan is rated 7.8, while Kiuwan is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Fortify on Demand. See our HCL AppScan vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.