Kiuwan Reviews

Kiuwan is useful because it provides functions related to secure code review, source code review, detection of security vulnerabilities, and development of proper input validations to get proper output and coding to see if all the systems in our environment are properly used. Some SQL queries are written at the back end or at the server-side code, and the tool helps to check how they have been written. The tool helps us find if there is an issue, like whether an SQL injection attack has occurred in some SQL queries or not, meaning it helps deal with OWASP Top 10 vulnerabilities and some other vulnerabilities that a user can find through source code review. The tool also helps protect sensitive data, including passwords or encryption keys.

The most valuable feature of the solution stems from the fact that it is quick when processing and giving an output or generating a report.

I am utilizing Kiuwan for quick and efficient scans, specifically static scanning for web applications. This includes checking the application's code base and dependencies, known as SaaS scans. In the first quarter, there is a "code-based security and insight" tab where we can review the application's code for any vulnerabilities arising from dependencies. We then analyze these vulnerabilities and provide solutions for mitigating them.

The feature that I have found the most valuable in Kiuwan is the speed of scanning. Compared to other SaaS tools I have used, Kiuwan is much quicker in performing scans. I have not yet used it on a large code base, but from what I have experienced, it is efficient and accurate. Additionally, I have used it both manually and in an automated pipeline, and both methods have been effective. The speed of scanning is what makes it valuable to me.

Kiuwan provides a detailed analysis and mitigation steps for any vulnerabilities reported, which is very helpful for teams in addressing the issues.

We use it to modify and enhance code across various aspects of our projects, particularly focusing on key data. The extent of modification varies and is influenced by the specific application and repository requirements.

The significance varies, and it is usually linked to the code's length. I find it immensely helpful because it's not just about generating code; it's about ensuring efficiency in the execution. It offers comprehensive information, covering not only the basics but also delving into controllers, interfaces, and more.

We use Kiuwan to assess the code, resolve issues, and showcase technical indicators. These indicators reveal the number of errors over a timeline and offer guidance on addressing issues related to business servers. We haven't integrated Kiuwan with additional tools; it operates as a standalone application and isn't integrated into the development life cycle.

It provides opportunities for improvement by guiding us toward better coding practices. It's a valuable learning tool, teaching developers about security concepts and ways to rectify various issues across different programming languages. 

I appreciate Kiuwan for its simplicity in establishing programming rules, especially with the Kiuwan client development tool. It allows programming rules by loading the code into the tool and using the DXPath and AST functionalities.

Our company produces a financial application, and we use Kiuwan for vulnerability testing. Kiuwan scans our code to detect some security issues. 

Kiuwan has enabled us to give our customers peace of mind through early identification of code vulnerabilities and remediation before delivery to the customer.

We analyze all the portfolio of applications from the customer. The customer is within the government of Spain. We analyze all their applications. On the portfolio of publications, we run analyses from all the applications.

From the tool itself, the developer can run an analysis with the same quality. With this tool, every developer has the opportunity to do an unlimited analysis.

The solution can scale well.

The solution offers very good technical support.

It's quite a stable product.

Our primary use case is to focus on and discover the vulnerabilities in our code, to clean the code and to make it safer and more secure for our customers. We are a customer of Kiuwan and sell it to our customers. We employ an analyzer for our coding.

The most valuable feature of the solution is the continuous integration process. This enables us to make the best in terms of security of our solution and not introduce new mistakes. Problems are solved step by step. 

We have just recently adopted this solution to use for our code security. We are still new to using these kinds of tools.

We are using this solution to increase the quality of our software and to test the vulnerabilities in our tools before the customers find them. Customers look for problems in code, so it is better to perform tests and prove that our code is free from vulnerabilities beforehand.

This is standard here in Spain, where the customers use the same tools to check for vulnerabilities. If we are using the same tools then it is not possible for the customers to find different problems. If we are using different tools then maybe the results would be different. We want the customer's report to list the same issues.

So far, the tool has shown us four issues, and we are starting to clean the vulnerabilities.