We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"Software analytics for a lot of different languages including ABAP."
"I have found the security and QA in the source code to be most valuable."
"It provides value by offering options to enhance both code quality and the security of the company."
"We use Kiuwan to locate the source of application vulnerabilities."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"The solution has a continuous integration process."
"Lifecycle features, because they permit us to show non-technical people the risk and costs hidden into the code due to bad programming practices."
"Automatic updates and pull request analysis."
"This solution has improved my organization because it has made us feel safer doing frequent deployments for web applications. If we have something really big, we might get some professional company in to help us but if we're releasing small products, we will check it ourselves with Zap. It makes it easier and safer."
"It updates repositories and libraries quickly."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"It can be used effectively for internal auditing."
"The interface is easy to use."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"The product helps users to scan and fix vulnerabilities in the pipeline."
"The next release should include more flexibility in the reporting."
"The development-to-delivery phase."
"The QA developer and security could be improved."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"DIfferent languages, such Spanish, Portuguese, and so on."
"The product's UI has certain shortcomings, where improvements are required."
"Sometimes, we get some false positives."
"If there was an easier to understand exactly what has been checked and what has not been checked, it would make this solution better. We have to trust that it has checked all known vulnerabilities but it's a bit hard to see after the scanning."
"I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created."
"The port scanner is a little too slow."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"It needs more robust reporting tools."
"They stopped their support for a short period. They've recently started to come back again. In the early days, support was much better."
"OWASP Zap needs to extend to mobile application testing."
Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews while OWASP Zap is ranked 8th in Static Application Security Testing (SAST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and SonarCloud, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional. See our Kiuwan vs. OWASP Zap report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.