Try our new research platform with insights from 80,000+ expert users

Checkmarx One vs Kiuwan comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Checkmarx One
Ranking in Application Security Tools
3rd
Ranking in Static Application Security Testing (SAST)
3rd
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
70
Ranking in other categories
Vulnerability Management (20th), Static Code Analysis (2nd), API Security (2nd), DevSecOps (2nd), Risk-Based Vulnerability Management (7th)
Kiuwan
Ranking in Application Security Tools
19th
Ranking in Static Application Security Testing (SAST)
15th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
23
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of February 2025, in the Application Security Tools category, the mindshare of Checkmarx One is 11.5%, down from 15.2% compared to the previous year. The mindshare of Kiuwan is 1.0%, down from 1.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Rohit Kesharwani - PeerSpot reviewer
Provides good security analysis and security identification within the source code
We integrate Checkmarx into our software development cycle using GitLab's CI/CD pipeline. Checkmark has been the most helpful for us in the development stage. The solution's incremental scanning feature has impacted our development speed. The solution's vulnerability detection is around 80% to 90% accurate. I would recommend Checkmarx to other users because it is one of the good tools for doing security analysis and security identification within the source code. Overall, I rate Checkmarx a nine out of ten.
Mustufa Bhavnagarwala - PeerSpot reviewer
Though a stable tool, the UI needs improvement
Kiuwan can improve its UI a little more. The user experience can be made better. Kiuwan offers a user interface that is similar to the one offered by Windows 7 or Windows 98, which I saw when I ran the tool and tried to scan the repository to find the security issues. The product's UI has certain shortcomings, where improvements are required.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution improved the efficiency of our code security reviews. It helps tremendously because it finds hundreds of potential problems sometimes."
"Vulnerability details is valuable."
"Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%."
"It gives the proper code flow of vulnerabilities and the number of occurrences."
"Checkmarx pinpoints the vulnerability in the code and also presents the flow of malicious input across the application."
"It has all the features we need."
"One of the most valuable features is it is flexible."
"Checkmarx has helped us deliver more secure products. We are able to do static code analysis with the tool before shipping our code to production. When the integration is in the pipeline, this tool gives us early notifications on code fixes."
"The most valuable feature is the time to resolution, where it tells you how long it is going to take to get to a zero-base or a five-star security rating."
"I like that I can scan the code without sending it to the Kiuwan cloud. I can do it locally on my device. When the local analyzer finishes, the results display on the dashboard in the cloud. It's essential for security purposes to be able to scan my code locally."
"The solution has a continuous integration process."
"The solution offers very good technical support."
"I've tried many open source applications and the remediation or correction actions that were provided by Kiuwan were very good in comparison."
"I personally like the way it breaks down security vulnerabilities with LoC at first glance."
"I have found the security and QA in the source code to be most valuable."
"​We use Kiuwan to locate the source of application vulnerabilities."
 

Cons

"They can support the remaining languages that are currently not supported. They can also create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks."
"Some of the descriptions were found to be missing or were not as elaborate as compared to other descriptions. Although, they could be found across various standard sources but it would save a lot of time for developers, if this was fixed."
"We want to have a holistic view of the portfolio-level dashboard and not just an individual technical project level."
"Licensing models and Swift language support are the aspects in which this product needs to improve. Swift is a new language, in which major customers require support for lower prices."
"Checkmarx could improve by reducing the price."
"Checkmarx is not good because it has too many false positive issues."
"The plugins for the development environment have room for improvements such as for Android Studio and X code."
"Meta data is always needed."
"It would be beneficial to streamline calls and transitions seamlessly for improved functionality."
"The QA developer and security could be improved."
"The solution seems to give us a lot of false positives. This could be improved quite a bit."
"The next release should include more flexibility in the reporting."
"The integration process could be improved. It'll also help if it could generate reports automatically. But I'm not sure about the effectiveness of the reports. This is because, in our last project, we still found some key issues that weren't captured by the Kiuwan report."
"Perhaps more languages supported."
"Kiuwan's support has room for improvement. You can only open a ticket is through email, and the support team is outside of our country. They should have a support number or chat."
"The development-to-delivery phase."
 

Pricing and Cost Advice

"The pricing is competitive and provides a lower TCO (total cost of ownership) for achieving application security."
"We have purchased an annual license to use this solution. The price is reasonable."
"The average deal size was usually anywhere between $120K to $175K on an annual basis, which could be divided across 12 months."
"The price of Checkmarx could be reduced to match their competitors, it is expensive."
"Before implementing the product I would evaluate if it is really necessary to scan so many different languages and frameworks. If not, I think there must be a cheaper solution for scanning Java-only applications (which are 90% of our applications)."
"If you want more, you have to pay more. You have to pay for additional modules or functionalities."
"The solution is costly."
"The solution's price is high and you pay based on the number of users."
"It follows a subscription model. I think the price is somewhere in the middle."
"Nothing special. It's a very fair model."
"Check with your account manager."
"The price of Kiuwan is lower than that of other tools on the market."
"This solution is cheaper than other tools."
"Kiuwan is an open-source solution and free to use."
"I recommend contacting a sales person who will create the best plan payment plan for you, as we did."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
832,138 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
22%
Computer Software Company
14%
Manufacturing Company
10%
Government
5%
Financial Services Firm
16%
Computer Software Company
15%
Comms Service Provider
8%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What alternatives are there for Fortify WebInspect and Fortify SCA?
I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
What do you like most about Checkmarx?
Compared to the solutions we used previously, Checkmarx has reduced our workload by almost 75%.
What is your experience regarding pricing and costs for Checkmarx?
The pricing is relatively expensive due to the product's quality and performance, but it is worth it.
What do you like most about Kiuwan?
The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report.
What is your experience regarding pricing and costs for Kiuwan?
I'm not entirely sure about the price and business aspects, but I assume Checkmarx might be less expensive. I think Checkmarx might offer more affordable options, especially in its smaller business...
What needs improvement with Kiuwan?
Kiuwan can improve its UI a little more. The user experience can be made better. Kiuwan offers a user interface that is similar to the one offered by Windows 7 or Windows 98, which I saw when I ran...
 

Comparisons

 

Overview

 

Sample Customers

YIT, Salesforce, Coca-Cola, SAP, U.S. Army, Liveperson, Playtech Case Study: Liveperson Implements Innovative Secure SDLC
DHL, BNP Paribas, Zurich, AXA, Ernst & Young, KFC, Santander, Latam, Ferrovial
Find out what your peers are saying about Checkmarx One vs. Kiuwan and other solutions. Updated: January 2025.
832,138 professionals have used our research since 2012.