Klocwork Room for Improvement

Bob Dean
Principle Engineer with 501-1,000 employees
It is not a panacea, because there is no tool that is a panacea. We bought Klocwork, but it was limited to one little program, but the program is now sort of failing. So, we have a license for usage on a program that is sort of failing, and we really can't use the license on anything else. It is a terrrible shame. Klocwork is still tight on their licensing. If Klocwork would loosen up on the licensing, and where the license could be used, and how many different programs could be run on it, then we have several development programs that I would love to be able to use it for going forward. I would like to have a tool developed by a vendor that picks out all of the NSA Juliet Test Suite cases, then is generous with the licensing. It might be expensive, but it is generous. Klocwork does have a problem with true positives. It only found 30% of true positives in the Juliet test case. View full review »
Sivanesh Waran
Sr. Software Solution Engineer at Meteonic Innovation Pvt Ltd at a tech services company with 11-50 employees
It would be nice to consider having more language support ability. Currently Klocwork supports C/C++, Java and C#, (Android*) View full review »
Ravi
Software Solutions Engineer at a tech services company with 11-50 employees
Not much as of now. But I am feeling Klocwork should support more number of languages like other static code analyzers do. Right now Klocwork has supportability available only to C, C++, Java, and C#. View full review »
Find out what your peers are saying about Rogue Wave, SonarQube, Synopsys and others in Application Security. Updated: October 2019.
373,262 professionals have used our research since 2012.
Ravi
Software Solutions Engineer at a tech services company with 11-50 employees
Nothing as of now. I hope that in each new release they add new features relating to the addition of checkers, improving their analysis engines etc. In the near future I will discuss additional features that need to be added. View full review »
Specialist677
Specialist at a non-tech company with 5,001-10,000 employees
Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report. Without building the source code we have to get the static code and the source code. That's what we are looking into. It would be better if they could provide a solution for this issue, regarding code building, when compiling the report. I would like to see a dashboard added to provide a clear look and feel. The dashboard would then supplement the users to enable them to get a quick view of the content, as long is it is clear. A presentational dashboard would be good. View full review »
Susant Bhuyan
.Net Developer at a tech vendor
Support for AUTOSAR C++14 by adding a new taxonomy that you can use to ensure compliance with the AUTOSAR C++14 Standard, release 18-03. View full review »
Aditya Palanki
Embedded Software Developer at a tech services company with 10,001+ employees
The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion. It should be semi-flexible. However, this may be due to my limited experience. View full review »
Prasad D
Senior H.R - DevOps & Infrastructure Recruitment Consultant
Nothing much as of now. I feel Klocwork is going in a great way. The one thing I personally feel is that Klocwork must increase their support to some other languages. View full review »
Find out what your peers are saying about Rogue Wave, SonarQube, Synopsys and others in Application Security. Updated: October 2019.
373,262 professionals have used our research since 2012.
Sign Up with Email