Most Helpful Review
Its ability to find security defects is valuable.
I like not having to dig through false positives. Chasing down a false positive can take anywhere from five minutes for a small easy one, then something that is complicated and goes through a whole bunch of different class cases, and it can take up to 45 minutes to an hour to find out if it is a false positive or not.
The ability to create custom checkers is a plus.
The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time.
We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability.
Support for older compilers/IDEs is lacking.
Klocwork does have a problem with true positives. It only found 30% of true positives in the Juliet test case.
We bought Klocwork, but it was limited to one little program, but the program is now sort of failing. So, we have a license for usage on a program that is sort of failing, and we really can't use the license on anything else.
I hope that in each new release they add new features relating to the addition of checkers, improving their analysis engines, etc.
The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion.
Pricing and Cost Advice
Information Not Available
Klocwork is still tight on their licensing. If Klocwork would loosen up on the licensing, and where the license could be used, and how many different programs could be run on it, then we have several development programs that I would love to be able to use it for going forward.
Klocwork should not be quite so heavy-handed on the licensing for very specific programs.
The limitation that we have is that Klocwork is licensed to certain programs, and if you want to license them to other programs, you have to pay more money.
|Also Known As||HPE Fortify Application Defender, Micro Focus Fortify Application Defender|
|Website/Video||Micro Focus||Rogue Wave|
|Overview||Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.||Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.|
Information Not Available
|ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL|