We performed a comparison between GitLab and Klocwork based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The merging feature makes it easy later on for the deployment."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"This product is always evolving, and they listen to the customers."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"The most valuable feature of GitLab is the automatic merging of code."
"GitLab offers a good interface for doing code reviews between two colleagues."
"The dashboard and interface make it easy to use."
"The most valuable feature of Klocwork is finding defects while you're doing the coding. For example, if you have an IDE plug-in of Klocwork on Visual Studio or Eclipse, you can find the faults; similar to using spell check on Word, you can find out defects during the development phase, which means that you don't have to wait till the development is over to find the flaws and address the deficiencies. I also find language support in Klocwork good because it used to support only C, C++, C#, and Java, but now, it also supports Java scripts and Python."
"I like not having to dig through false positives. Chasing down a false positive can take anywhere from five minutes for a small easy one, then something that is complicated and goes through a whole bunch of different class cases, and it can take up to 45 minutes to an hour to find out if it is a false positive or not."
"It's integrated into our CI, continuous integration."
"Technical support is quite good."
"On-the-fly analysis and incremental analysis are the best parts of Klocwork. Currently, we are using both of these features very effectively."
"The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time."
"We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability."
"Klocwork's most valuable feature is the static code analysis feature. It detects the potential problem earlier to allow the developer to receive feedback quickly and then address it before it becomes a problem."
"Reporting could be improved."
"We would like to generate document pages from the sources."
"GitLab can improve by integrating with more tools, such as servers with Docker."
"The solution does not have many built-in functions or variables so scripting is required."
"GitLab could improve the patch repository. It does not have support for Conan patch version regions. Additionally, better support for Kubernetes deployment is needed as part of the package."
"I would like to see better integration with project management tools such as Jira."
"I would like to see static analysis also embedded in GitLab. That would also help us. If there's something that it does internally by GitLab and then that is already tied up with your pipeline and then it can tell you that you're coding is good or your code is not great. Based on that, it would pass or fail. That should be streamlined. I would think that would help to a greater extent, in terms of having one solution rather than depending on multiple vendors."
"The solution could improve by providing more integration into the CI/CD pipeline, an autocomplete search tool, and more supporting documentation."
"This solution could be improved if they offered support of more languages including Ada and Golang. They currently only support seven languages."
"I would like to see better codes between projects and a more user-friendly desktop in the next release."
"Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report."
"Every update that we receive requires of us a lengthy and involved process."
"Under NIST cybersecurity standards, we must address vulnerabilities within a specified time after discovering them. When we try to propagate those updates and fixes through the system, it would be nice if the clients could reconnect to the existing server or have the server dynamically updated in some way. I know that isn't easy, but maybe processes could be enhanced to make that more streamlined from a DevOps perspective."
"The main problem is that since it only parses the code, the warnings or the problems that are given as a result of the report can sometimes require a lot of effort to analyze."
"We'd like to see integration with Agile DevOps and Agile methodologies."
"We bought Klocwork, but it was limited to one little program, but the program is now sort of failing. So, we have a license for usage on a program that is sort of failing, and we really can't use the license on anything else."
GitLab is ranked 7th in Application Security Tools with 68 reviews while Klocwork is ranked 19th in Application Security Tools with 20 reviews. GitLab is rated 8.6, while Klocwork is rated 8.0. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Klocwork writes "Their technical team helps us get the most out of the solution, but we've faced some stability problems in our environment". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Klocwork is most compared with SonarQube, Coverity, Polyspace Code Prover and CodeSonar. See our GitLab vs. Klocwork report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.