We just raised a $30M Series A: Read our story
2019-07-07T06:35:00Z

What needs improvement with Kiuwan?

7

Please share with the community what you think needs improvement with Kiuwan.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
Guest
77 Answers

author avatar
Top 5Real User

When you do the download test, there is some part that remains there from the static test. When it comes to the configuration of this library, I've not sure that Kiuwan gives a real vulnerability assessment for a configuration. The configuration hasn't been that good. From a security perspective, we are looking into something in the middle between the static and the dynamic. There are many open-source tools that can generate perfect results. It's not as good as the quality as the Kiuwan or maybe the SonarQube, however, I'm sure it's really close, and it's also free We've had issues with technical support not being responsive enough. We also have had issues with the initial setup.

2021-09-16T14:42:59Z
author avatar
Top 20Real User

The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report.

2021-05-06T07:57:06Z
author avatar
Top 20Real User

I'm still working on learning all the specifics of the tool; it's quite new to me. The solution seems to give us a lot of false positives. This could be improved quite a bit. The rules could be more clear. They need to have more clarity in that respect. It would help make the solution easier to use.

2020-11-19T16:01:57Z
author avatar
Top 10Real User

Improvement could be made with the integration of the programming tools. The solution provides some integration tools but for now we're not using these tools very much because it's expensive and we don't get much return. In the future we might be more interested. They could also improve repositories in the solution. I also think the coding could be improved technically and include some features that could be valuable for enterprise companies.

2020-04-30T10:58:56Z
author avatar
Real User

The rate of false positives, where it reports issues that are not really issues, can be improved. Scanning of vulnerabilities on open-source projects is not particularly useful as it is. I would like to see better integration with Azure DevOps in the next release of this solution.

2019-09-05T05:37:00Z
author avatar
Top 10Real User

Better integration with code repositories is something that we will need. I would like to see better integration with the Visual Studio and Eclipse IDEs. It would be helpful to have better testing for vulnerabilities in mobile development.

2019-08-28T09:52:00Z
author avatar
Real User

I do not have a clear idea about what could be better. I feel like the general tool is pretty good. The next release should include more flexibility in the reporting.

2019-07-07T06:35:00Z
Find out what your peers are saying about Kiuwan, SonarSource, Veracode and others in Application Security. Updated: October 2021.
540,984 professionals have used our research since 2012.