I'm a product architect and belong to a classic management system team. We're a Klocwork customer. We have around 50-60 developers in the team and I'm involved in the utilization of the tool and I am familiar with its capability. We've just started using the latest version which is the first one that's compatible with .NET framework 4.7.2. The previous version was not fully compatible with Visual Studio 2017.
In our case, the use is for static code analysis for each baseline in order to see what kind of violation we have.
Parallel to that, we use the results and apply some refactoring in order to solve this violation. For us, the violation is considered the highest priority according to our risk assessment model.