We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"We use Kiuwan to locate the source of application vulnerabilities."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"The solution offers very good technical support."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The scalability of this product is very good."
"The product discovers more vulnerabilities compared to other tools."
"The community edition updates services regularly. They add new vulnerabilities into the scanning list."
"The interface is easy to use."
"The vulnerabilities that it finds, because the primary goal is to secure applications and websites."
"Automatic updates and pull request analysis."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"The OWASP's tool is free of cost, which gives it a great advantage, especially for smaller companies to make use of the tool."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"The QA developer and security could be improved."
"The product's UI has certain shortcomings, where improvements are required."
"I would like to see additional languages supported."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"The solution is unable to customize reports."
"The documentation needs to be improved because I had to learn everything from watching YouTube videos."
"The product reporting could be improved."
"The forced browse has been incorporated into the program and it is resource-intensive."
"Too many false positives; test reports could be improved."
"The port scanner is a little too slow."
"OWASP Zap needs to extend to mobile application testing."
"I prefer Burp Suite to SWASP Zap because of the extensive coverage it offers."
Kiuwan is ranked 16th in Application Security Testing (AST) with 23 reviews while OWASP Zap is ranked 8th in Application Security Testing (AST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Veracode, Snyk and Mend.io, whereas OWASP Zap is most compared with SonarQube, Acunetix, PortSwigger Burp Suite Professional, Qualys Web Application Scanning and Veracode. See our Kiuwan vs. OWASP Zap report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
