We performed a comparison between Fortify on Demand and Kiuwan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."One of the valuable features is the ability to submit your code and have it run in the background. Then, if something comes up that is more specific, you have the security analyst who can jump in and help, if needed."
"We have the option to test applications with or without credentials."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"It helps deploy and track changes easily as per time-to-time market upgrades."
"The user interface is good."
"The SAST feature is the most valuable."
"The most valuable feature is the capacity to be able to check vulnerabilities during the development process. The development team can check whether the code they are using is vulnerable to some type of attack or there is some type of vulnerability so that they can mitigate it. It helps us in achieving a more secure approach towards internal applications. It is an intuitive solution. It gives all the information that a developer needs to remediate a vulnerability in the coding process. It also gives you some examples of how to remediate a vulnerability in different programming languages. This solution is pretty much what we were searching for."
"One of the top features is the source code review for vulnerabilities. When we look at source code, it's hard to see where areas may be weak in terms of security, and Fortify on Demand's source code review helps with that."
"We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"I have found the security and QA in the source code to be most valuable."
"I've found the reporting features the most helpful."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"We use Kiuwan to locate the source of application vulnerabilities."
"Software analytics for a lot of different languages including ABAP."
"There were some regulated compliances, which were not there."
"There's a bit of a learning curve. Our development team is struggling with following the rules and following the new processes."
"It lacks of some important features that the competitors have, such as Software Composition Analysis, full dead code detection, and Agile Alliance's Best Practices and Technical Debt."
"The products must provide better integration with build tools."
"New technologies and DevOps could be improved. Fortify on Demand can be slow (slower than other vendors) to support new technologies or new software versions."
"If you have a continuous integration in place, for example, and you want it to run along with your build and you want it to be fast, you're not going to get it. It adds to your development time."
"Integration to CI/CD pipelines could be improved. The reporting format could be more user friendly so that it is easy to read."
"During development, when our developer makes changes to their code, they typically use GitHub or GitLab to track those changes. However, proper integration between Fortify on Demand and GitHub and GitLab is not there yet. Improved integration would be very valuable to us."
"The development-to-delivery phase."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"I would like to see additional languages supported."
"DIfferent languages, such Spanish, Portuguese, and so on."
"The product's UI has certain shortcomings, where improvements are required."
"The configuration hasn't been that good."
"I would like to see better integration with Azure DevOps in the next release of this solution."
Fortify on Demand is ranked 10th in Application Security Tools with 57 reviews while Kiuwan is ranked 22nd in Application Security Tools with 23 reviews. Fortify on Demand is rated 8.0, while Kiuwan is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". Fortify on Demand is most compared with SonarQube, Veracode, Checkmarx One, Coverity and Fortify WebInspect, whereas Kiuwan is most compared with SonarQube, Checkmarx One, Snyk, Veracode and OWASP Zap. See our Fortify on Demand vs. Kiuwan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.