We performed a comparison between Kiuwan and Veracode based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"We use Kiuwan to locate the source of application vulnerabilities."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"I have found the security and QA in the source code to be most valuable."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"We have such a wide variety of users for Veracode, including security champions, development leads, developers themselves, that the ease of use is really quite important, because we don't assume anything about what those people might already know, or need to know. It just makes it very useful for anyone who has to engage with it."
"The capability to identify vulnerable code is the most valuable feature of Veracode."
"Being able to scan our applications and identify all codes and defects is an extremely valuable feature."
"It has the ability to scale, and the fact that it doesn't produce a lot of false positives."
"It's hard to say that any single feature is the most essential. There are many errors and vulnerabilities in software today in the standard libraries for different vendors because. We don't need to reinvent the wheel every time because we're using standard libraries, and it's important to know that your security isn't compromised because you are using libraries with vulnerabilities."
"It's straightforward, and it does not require a lot of time. It's a straightforward platform that you can use for performing scans or mitigating issues. It has a very good user interface. FAQs are also helpful in case you are not familiar with it."
"Our development team use this solution for static code analysis and pen testing."
"The coverage of backdoors attacks on security that's the most valuable for my clients."
"The QA developer and security could be improved."
"It could improve its scalability abilities."
"I would like to see additional languages supported."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"DIfferent languages, such Spanish, Portuguese, and so on."
"The next release should include more flexibility in the reporting."
"There are many times when their product goes to check my code and it dies, and I don't know why. I've contacted support and they're not really helpful with this particular problem. I go to the logs and I look at what I can but I can't tell why the check process has essentially just died in the middle of checking."
"Reporting. Some of the reporting features of Veracode do need improvement. They do not have the most robust access to data. That would be a bit more beneficial to a lot of our clients as well as our actual in-house staff. I've been talking to our program management at Veracode about that, and that is actually on their radar to have that improved, I think actually this year."
"I would ask Veracode to be a lot more engaged with the customer and set up live sessions where they force the customer to engage with Veracode's technical team. Veracode could show them a repo, how they should do things, this is what these results mean, here is a dashboard, here's the interpretation, here's where you find the results."
"From what we have seen of Veracode's SCA offering, it is just average."
"It would help to have more training for developers to help them set it up."
"We have approximately 900 people using the solution. The solution is scalable, but there is a high cost attached to it."
"It could be improved with support for more programming languages, like SQL."
"Because our application is large, it takes a long time to upload and scan."
Kiuwan is ranked 21st in Application Security Tools with 23 reviews while Veracode is ranked 2nd in Application Security Tools with 193 reviews. Kiuwan is rated 8.6, while Veracode is rated 8.2. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of Veracode writes "Helps to reduce false positives and prevent vulnerable code from entering production, but does not support incremental scanning ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and SonarCloud, whereas Veracode is most compared with SonarQube, Checkmarx One, Snyk, Fortify on Demand and OWASP Zap. See our Kiuwan vs. Veracode report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.