We performed a comparison between Kiuwan and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use Kiuwan to locate the source of application vulnerabilities."
"The solution offers very good technical support."
"The solution has a continuous integration process."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"It provides value by offering options to enhance both code quality and the security of the company."
"I have found the security and QA in the source code to be most valuable."
"I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution."
"I like that it provides a detailed report that lets you know the risk index and the vulnerability."
"My focus is mainly on the DevOps pipeline side of things, and from my perspective, the ease of use and configuration is valuable. It is pretty straightforward to take a deployment pipeline or CI/CD pipeline and integrate SonarQube into it."
"The stability is good."
"This solution has helped with the integration and building of our CICD pipeline."
"SonarQube: Recording of issues over a period of time, with an indication of the addition in the new issues or the reduction of existing issues (which were fixed)."
"The most valuable features are code scanning and Quality Gates."
"We've configured it to run on each commit, providing feedback on our software quality. ]"
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"Before you even compile, it can catch known vulnerability issues or patterns."
"The product's UI has certain shortcomings, where improvements are required."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"DIfferent languages, such Spanish, Portuguese, and so on."
"It could improve its scalability abilities."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"In Kiuwan there are sometimes duplicates found in the dependency scan under the "insights" tab. It's unclear to me why these duplicates are appearing, and it would be helpful if the application teams could investigate further."
"The configuration hasn't been that good."
"There are sometimes security breaches in our code, which aren't be caught by SonarQube. In the security area, SonarCube has to improve. It needs to better compete with other products."
"It would be a great add-on if SonarQube could update its database for vulnerabilities or plugging parts."
"The product must improve security analysis."
"I find it is light on the security side."
"There could be better integration with other products."
"Ease of use/interface."
"In terms of what can be improved, the areas that need more attention in the solution are its architecture and development."
"The learning curve can be fairly steep at first, but then, it's not an entry-level type of application. It's not like an introduction to C programming. You should know not just C programming and how to make projects but also how to apply its findings to the bigger picture. I've had users who said that they wish it was easier to understand how to configure, but I don't know if that's doable because what it's doing is a very complicated thing. I don't know if it is possible to make a complicated thing trivially simple."
Kiuwan is ranked 22nd in Application Security Tools with 23 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Kiuwan is rated 8.6, while SonarQube is rated 8.0. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Kiuwan is most compared with Checkmarx One, Snyk, Veracode, Fortify on Demand and SonarCloud, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Kiuwan vs. SonarQube report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.