We performed a comparison between Kiuwan and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"The solution offers very good technical support."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"Software analytics for a lot of different languages including ABAP."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"The best feature is that the Mend R&D team does their due diligence for all the vulnerabilities. In case they observe any important or critical vulnerabilities, such as the Log4j-related vulnerability, we usually get a dedicated email from our R&D team saying that this particular vulnerability has been exploited in the world, and we should definitely check our project for this and take corrective actions."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"We set the solution up and enabled it and we had everything running pretty quickly."
"The dashboard view and the management view are most valuable."
"What is very nice is that the product is very easy to set up. When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. It's really convenient to have Mend scanning your products in less than one hour."
"For us, the most valuable tool was open-source licensing analysis."
"The most valuable feature is the unified JAR to scan for all langs (wss-scanner jar)."
"Enables scanning/collecting third-party libraries and classifying license types. In this way we ensure our third-party software policy is followed."
"DIfferent languages, such Spanish, Portuguese, and so on."
"The QA developer and security could be improved."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"The development-to-delivery phase."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The product's UI has certain shortcomings, where improvements are required."
"It could improve its scalability abilities."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
"The only thing that I don't find support for on Mend Prioritize is C++."
"The dashboard UI and UX are problematic."
"The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved."
"I rated the solution an eight out of ten because WhiteSource hasn't built in a couple of features that we would have loved to use and they say they're on their roadmap. I'm hoping that they'll be able to build and deliver in 2022."
"Mend supports most of the common package managers, but it doesn't support some that we use. I would appreciate it if they can quickly make these changes to add new package managers when necessary."
"We have ended our relationship with WhiteSource. We were using an agent that we built in the pipeline so that you can scan the projects during build time. But unfortunately, that agent didn't work at all. We have more than 500 projects, and it doubled or tripled the build time. For other projects, we had the failure of the builds without any known reason. It was not usable at all. We spent maybe one year working on the issues to try to make it work, but it didn't in the end. We should be able to integrate it with ID and Shift Left so that the developers are able to see the scan results without waiting for the build to fail."
"I would like to see the static analysis included with the open-source version."
Kiuwan is ranked 22nd in Application Security Tools with 23 reviews while Mend.io is ranked 13th in Application Security Tools with 29 reviews. Kiuwan is rated 8.6, while Mend.io is rated 8.4. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk and Veracode, whereas Mend.io is most compared with SonarQube, Black Duck, Veracode, Snyk and Checkmarx One. See our Kiuwan vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.