CAST Highlight vs Klocwork comparison

The compared CAST and Perforce solutions aren't in the same category. CAST is ranked #16 in SCA , with an average rating of 7.5, and holds a 0.9% mindshare in the category. Perforce is ranked #22 in AS , with an average rating of 8.3, and holds a 1.4% mindshare. Additionally, 85% of CAST users are willing to recommend the solution, compared to 92% of Perforce users who would recommend it.

CAST Highlight

Read 7 CAST Highlight reviews

453 Views
327 Comparison Views

85% willing to recommend

Klocwork

Read 22 Klocwork reviews

2,839 Views
1,691 Comparison Views

92% willing to recommend

CAST Highlight

Klocwork

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between CAST Highlight and Klocwork based on real PeerSpot user reviews.

Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed CAST Highlight vs. Klocwork Report (Updated: September 2022).

Buyer's Guide

CAST Highlight vs. Klocwork

September 2022

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

CAST Highlight

Average Rating

7.8

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Software Composition Analysis (SCA) (16th)

Klocwork

Average Rating

8.2

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Application Security Tools (22nd), Static Application Security Testing (SAST) (15th), Static Code Analysis (5th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. CAST Highlight is designed for Software Composition Analysis (SCA) and holds a mindshare of 0.9%, up 0.9% compared to last year.
Klocwork, on the other hand, focuses on Application Security Tools, holds 1.4% mindshare, down 1.5% since last year.

Software Composition Analysis (SCA)

Application Security Tools

Featured Reviews

Jayanti Rode

Technical Associate Manager at Accenture

Identifies migration blockers and boosters while facing challenges with platform-specific roadblocks

The solution provides agnostic blockers for platforms as well as for containerization. Within that containerization, it offers generic blockers. However, my project might require it to provide Windows-specific blockers or Linux-specific blockers, as I often work with only one platform at a time. If I received categorization in containerization blockers, it would save time. Understanding only the OS-specific blockers means I would avoid resolving irrelevant issues, thus saving time. Initially, I receive a response from support, however, if there is involvement from R&D or other teams, it may take longer than expected. The support team is challenging when sharing source code. As this is a static code analysis tool, it sometimes requires source code for R&D. However, CAST clients may be restricted from sharing due to business logic and nondisclosure agreements. This creates a challenge, and I may have to share pseudo code or seek client approval, risking escalation.

Read full review

AnirbanSarkar

Head - Solution Management Group at Meteonic Innovation Pvt. Ltd.

Lets you find defects during the development phase, so you don't have to wait till the development is over to find and address flaws

What needs improvement in Klocwork, compared to other products in the market, is the dashboard or reporting mechanisms that need to be a bit more flexible. The Klocwork dashboard could be improved. Though it's good, it's not as good as some of the other products in the market, which is a problem. The reporting could be more detailed and easier to sort out because sorting in Klocwork could be a bit more time-consuming, mainly when sorting defects based on filters, compared to how it's done on other tools such as Coverity. What I'd like added in the next release of Klocwork is the peer code review Cahoots which used to be a part of Klocwork, and the architecture analysis and both have been taken out of Klocwork. I found the two critical for specific deployments, so if those can be brought back to Klocwork, that would be very good.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features of CAST Highlight are automation and speed."

"CAST Highlight provides a clear overview of the role portfolio and allows users to assess the overall quality of the environment. Users can see where improvements are needed and follow up on trends of the application."

"It offers good performance."

"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."

"In cloud migration, I use CAST highlight to identify blockers, which are the negative road patterns, and also the boosters, which are positive code patterns."

"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."

"The solution provides agnostic blockers for platforms as well as for containerization."

"CAST Highlight is easy to use and has a good dashboard."

"The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time."

"The reporting helps us understand the trend of our results and whether we improve over time. We can see the history within Klocwork's server architecture and know that we're making things better. It creates a great story for our management. We can demonstrate value and how our software is developing over time."

"We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability."

"The best advantage of Klocwork is the reduced setup time."

"It's integrated into our CI, continuous integration."

"The most valuable feature is the Incremental analysis."

"There's a feature in Klocwork called 'on-the-fly analysis', which helps developers to find and fix the defects at the time of development itself."

"The ability to create custom checkers is a plus."

More Klocwork pros

Cons

"The ease of configuration and customization could be improved in CAST Highlight."

"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."

"There could be potential improvements or additional features added to CAST Highlight to make it better."

"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."

"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."

"If I received categorization in containerization blockers, it would save time."

"There's a bit of a learning curve at the outset."

"I hope that in each new release they add new features relating to the addition of checkers, improving their analysis engines etc."

"Klocwork does have a problem with true positives. It only found 30% of true positives in the Juliet test case."

"Klocwork sometimes provides too many additional warnings which require expertise to manage."

"The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion."

"Klocwork has to improve its features to stay ahead of other free solutions."

"Modern languages, such as Angular and .NET, should be included as a part of Klocwork. They have recently added Kotlin as a part of their project, but we would like to see more languages in Klocwork. That's the reason we are using Coverity as a backup for some of the other languages."

"We'd like to see integration with Agile DevOps and Agile methodologies."

"Under NIST cybersecurity standards, we must address vulnerabilities within a specified time after discovering them. When we try to propagate those updates and fixes through the system, it would be nice if the clients could reconnect to the existing server or have the server dynamically updated in some way. I know that isn't easy, but maybe processes could be enhanced to make that more streamlined from a DevOps perspective."

More Klocwork cons

Pricing and Cost Advice

"Basic support is included with the standard licensing feed but it can be upgraded for an additional cost."

"It is a pretty costly tool. A lot of customers are resistant to using it."

"CAST Highlight is an expensive solution. However, CAST Highlight is less expensive than the CAST AIP, but it remains too expensive and the professional services from CAST are also too expensive. The high price is part of the problem with the CAST solutions."

"CAST Highlight is an expensive solution."

"The limitation that we have is that Klocwork is licensed to certain programs, and if you want to license them to other programs, you have to pay more money."

"Klocwork should not to be quite so heavy handed on the licensing for very specific programs."

"When it comes to licensing, the solution has two packages, one for a fixed and the other for a floating server, with the former being more cost effective than the latter."

"The pricing for Klocwork is very competitive if you compare it from apple to apple. It has competitive pricing regarding the licensing model and the per-license cost. Klocwork isn't a high-end investment for anyone deploying it; even SMBs can afford it. The Klocwork cost per user would depend on the license type, so I'm unable to mention a ballpark figure because it would depend on the type of installation and how the deployment will be, and the nodes to give an accurate calculation or figure. The total price depends on the package, so my company could never publish pricing for Klocwork on the website. My team first collects information from potential clients on the deployment scenario, project environment, etc., before suggesting a package for Klocwork. My rating for Klocwork in terms of pricing is a five because of its flexible license models. There's a license model for every type of organization, whether small, midsize, or enterprise, so it's a five out of five for me."

"This solution offers competitive pricing."

"Klocwork is still tight on their licensing. If Klocwork would loosen up on the licensing, and where the license could be used, and how many different programs could be run on it, then we have several development programs that I would love to be able to use it for going forward."

"There are other solutions on the market such as Microsoft Visual Studio. They have been adding more static code analysis features that come for free. It is getting better all the time. That is one of the possibilities is that we've been considering that we may stop using the Klocwork because it doesn't give us any added value."

"Licensing fees are paid annually, but they also have a perpetual license."

See which vendors are best for you

Use our free recommendation engine to learn which Software Composition Analysis (SCA) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

23%

Computer Software Company

16%

Insurance Company

Manufacturing Company

Educational Organization

41%

Manufacturing Company

19%

Computer Software Company

Financial Services Firm

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about CAST Highlight?

The most valuable features of CAST Highlight are automation and speed.

See all answers

What is your experience regarding pricing and costs for CAST Highlight?

The pricing of CAST Highlight was not considered expensive or cheap, and no specific comment was made about the setup cost.

See all answers

What needs improvement with CAST Highlight?

See all answers

What do you like most about Klocwork?

It's integrated into our CI, continuous integration.

See all answers

What is your experience regarding pricing and costs for Klocwork?

Our purchasing department is responsible for tracking costs. It's one of the most widely used tools in our organization. It likely does not have a high price point. I don't have insights into licen...

See all answers

What needs improvement with Klocwork?

The main problem is that since it only parses the code, the warnings or the problems that are given as a result of the report can sometimes require a lot of effort to analyze. It will show all poss...

See all answers

Comparisons

SonarQube Server (formerly SonarQube) vs CAST Highlight

Compared 66% of the time

Black Duck vs CAST Highlight

Compared 6% of the time

GitLab vs CAST Highlight

Compared 5% of the time

JFrog Xray vs CAST Highlight

Compared 5% of the time

Veracode vs CAST Highlight

Compared 5% of the time

More CAST Highlight Competitors

SonarQube Server (formerly SonarQube) vs Klocwork

Compared 39% of the time

Coverity vs Klocwork

Compared 30% of the time

Polyspace Code Prover vs Klocwork

Compared 13% of the time

Checkmarx One vs Klocwork

Compared 3% of the time

Parasoft SOAtest vs Klocwork

Compared 3% of the time

More Klocwork Competitors

Product Reports

Buyer's Guide

CAST Highlight

February 2025

Download CAST Highlight product report

Buyer's Guide

Klocwork

February 2025

Download Klocwork product report

Overview

CAST Highlight is a SaaS software intelligence product for performing rapid application portfolio analysis. It automatically analyzes source code of hundreds of applications in a week for Cloud Readiness, Software Composition Analysis (Open Source risks), Resiliency, and Technical Debt. Objective software insights from automated source code analysis combined with built-in qualitative surveys for business context enable more informed decision-making about application portfolios.

CAST is the software intelligence category leader. CAST technology can see inside custom applications with MRI-like precision, automatically generating intelligence about their inner workings - composition, architecture, transaction flows, cloud readiness, structural flaws, legal and security risks. It’s becoming essential for faster modernization for cloud, raising the speed and efficiency of Software Engineering, better open source risk control, and accurate technical due diligence. CAST operates globally with offices in North America, Europe, India, China. Visit www.castsoftware.com.

CAST

Klocwork detects security, safety, and reliability issues in real-time by using this static code analysis toolkit that works alongside developers, finding issues as early as possible, and integrates with teams, supporting continuous integration and actionable reporting.

Perforce

Sample Customers

Wells Fargo, Bank of NY Mellon, Northern Trust, Microsoft, Amazon, IBM, BMW, AT&T, US Army, US Air Force, US Navy, John Hancock, Marsh & McLennan, Ernst & Young, PwC, Volkswagen, Boston Consulting Group, London Stock Exchange, Telefonica, Saur France, Total Energies France, SNCF

ACCESS Co Ltd, Risk-AI, Winbond Electronics, Bristol-Myers Squibb Pharmaceutical Research Institute, University of Southern California, Alebra Technologies, SIMULIA, Risk Management Solutions, Brigham Young University, SRD, HRL

Buyer's Guide

CAST Highlight vs. Klocwork

September 2022

Free Report: CAST Highlight vs. Klocwork

Find out what your peers are saying about CAST Highlight vs. Klocwork and other solutions. Updated: September 2022.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

See our CAST Highlight vs. Klocwork report.

We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.