We performed a comparison between Kiuwan and SonarQube based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report."
"The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me."
"I have found the security and QA in the source code to be most valuable."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"It provides value by offering options to enhance both code quality and the security of the company."
"The solution has a continuous integration process."
"Software analytics for a lot of different languages including ABAP."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"I like that it has a better dashboard compared to Clockwork. It's also stable."
"We have worked with the support from SonarQube and we have had good experiences."
"I like the by-default policies that are they, as they seem to cover most of what I need."
"SonarQube is a fantastic tool which saves us precious time."
"I am only interested in the security features in SonarQube. There are plenty of features other features, such as test coverage, code anomalies, and pointer access are handled by the business logic teams. They get the reports and they have to fix them in JIRA or Bugzilla."
"We have the software metrics that SonarQube gives us, which is something we did not have before. This helps us work towards aiming coding standards to empower us to move in the direction of better code quality. SonarQube provides targets and metrics for that."
"The code coverage feature is very good."
"It helps our developers work more efficiently as we can identify things in a code prior to it being pushed to where it needs to go."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"I would like to see better integration with Azure DevOps in the next release of this solution."
"The configuration hasn't been that good."
"I would like to see better integration with the Visual Studio and Eclipse IDEs."
"The development-to-delivery phase."
"The next release should include more flexibility in the reporting."
"The QA developer and security could be improved."
"Ease of use/interface."
"After scanning our code and generating a report, it would be helpful if SonarQube could also generate a solution to fix vulnerabilities in the report."
"The product's user documentation can be vastly improved."
"We could use some team support, but since we are using the community version, it's not available."
"The solution could improve by providing more advanced technologies."
"Monitoring is a feature that can be improved in the next version."
"This solution finds issues that are similar to what is found by Checkmarx, and it would be nice if the overlap could be eliminated."
"The BPM language is important and should be considered in SonarQube."
Kiuwan is ranked 22nd in Application Security Tools with 23 reviews while SonarQube is ranked 1st in Application Security Tools with 110 reviews. Kiuwan is rated 8.6, while SonarQube is rated 8.0. The top reviewer of Kiuwan writes "Though a stable tool, the UI needs improvement". On the other hand, the top reviewer of SonarQube writes "Easy to integrate and has a plug-in that supports both C and C++ languages". Kiuwan is most compared with Checkmarx One, Snyk, Veracode, Fortify on Demand and SonarCloud, whereas SonarQube is most compared with Checkmarx One, SonarCloud, Coverity, Veracode and Snyk. See our Kiuwan vs. SonarQube report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.