We performed a comparison between Kiuwan and OWASP Zap based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Software analytics for a lot of different languages including ABAP."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I've found the reporting features the most helpful."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"The solution offers very good technical support."
"I have found the security and QA in the source code to be most valuable."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"It provides value by offering options to enhance both code quality and the security of the company."
"It can be used effectively for internal auditing."
"They offer free access to some other tools."
"It has improved my organization with faster security tests."
"The application scanning feature is the most valuable feature."
"Stability-wise, I rate the solution a nine out of ten. I think it's stable enough. I don't see any crashes within the application, so its stability is high."
"We use the solution for security testing."
"The solution is scalable."
"The solution has tightened our security."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"The configuration hasn't been that good."
"Integration of the programming tools could be improved."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"It could improve its scalability abilities."
"Perhaps more languages supported."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"There are too many false positives."
"Zap could improve by providing better reports for security and recommendations for the vulnerabilities."
"The work that it does in the limited scope is good, but the scope is very limited in terms of the scanning features. The number of things it tests or finds is limited. They need to make it a more of a mainstream tool that people can use, and they can even think about having it on a proprietary basis. They need to increase the coverage of the scan and the results that it finds. That has always been Zap's limitation. Zap is a very good tool for a beginner, but once you start moving up the ladder where you want further details and you want your scan to show more in-depth results, Zap falls short because its coverage falls short. It does not have the capacity to do more."
"Reporting format has no output, is cluttered and very long."
"As security evolves, we would like DevOps built into it. As of now, Zap does not provide this."
"Deployment is somewhat complicated."
"I would like to see a version of “repeater” within OWASP ZAP, a tool capable of sending from one to 1000 of the same requests, but with preselected modified fields, changing from a predetermined word list, or manually created."
"I prefer Burp Suite to SWASP Zap because of the extensive coverage it offers."
Kiuwan is ranked 16th in Static Application Security Testing (SAST) with 23 reviews while OWASP Zap is ranked 7th in Static Application Security Testing (SAST) with 37 reviews. Kiuwan is rated 8.6, while OWASP Zap is rated 7.6. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of OWASP Zap writes "Great for automating and testing and has tightened our security ". Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and SonarCloud, whereas OWASP Zap is most compared with SonarQube, Acunetix, Qualys Web Application Scanning, Veracode and PortSwigger Burp Suite Professional. See our Kiuwan vs. OWASP Zap report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.