Our main test case is to check for some of our internal standards which we usually do manually. But when we got Klocwork, it completely changed the scenario. We are writing a simple logic for checking our internal standards without much overhead.
.Net Developer at Sure Shield Infotech
The on-the-fly analysis reduces the time for developing code and report generation
What is our primary use case?
How has it helped my organization?
One more is on-the-fly analysis which is the most important feature, and CI which Klocwork provides I believe.
What is most valuable?
- First will be the on-the-fly analysis as it is reducing the time for developing code and report generation.
- One more best thing is the reports section which is very nice to understand.
What needs improvement?
Support for AUTOSAR C++14 by adding a new taxonomy that you can use to ensure compliance with the AUTOSAR C++14 Standard, release 18-03.
Buyer's Guide
Klocwork
November 2024
Learn what your peers think about Klocwork. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
For how long have I used the solution?
Three to five years.
What's my experience with pricing, setup cost, and licensing?
I don't know much about cost and licensing as my management is looking at these things.
Which other solutions did I evaluate?
No.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Specialist at a non-tech company with 5,001-10,000 employees
Good stability and tech support and the setup is straightforward
Pros and Cons
- "Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report."
What is our primary use case?
We currently use Klocwork mainly for static code analysis.
What needs improvement?
Now the only issue we have is that whenever we need to get the code we have to build it first. Then we can get the report. Without building the source code we have to get the static code and the source code. That's what we are looking into. It would be better if they could provide a solution for this issue, regarding code building, when compiling the report.
I would like to see a dashboard added to provide a clear look and feel. The dashboard would then supplement the users to enable them to get a quick view of the content, as long is it is clear. A presentational dashboard would be good.
For how long have I used the solution?
We've been using Klocwork for two years.
What do I think about the stability of the solution?
The stability is good. We can run it on multiple machines without an issue.
What do I think about the scalability of the solution?
We have a server license here for two servers and ten users.
How are customer service and technical support?
The technical support is good. They support us whenever we need it.
How was the initial setup?
The initial setup was straightforward, not too complicated.
What other advice do I have?
Klocwork is a good product, but keep in mind that before building the code you have to get a report. Then you use the code. If you don't need to get a report after building the source code then this is a good solution for you. I prefer this tool.
I would rate Klocwork as eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Klocwork
November 2024
Learn what your peers think about Klocwork. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
Senior H.R - DevOps & Infrastructure Recruitment Consultant at Meteonic Innovation Pvt. Ltd.
Support to a vast number of IDEs and so on
What is our primary use case?
My primary case would be checking for memory related issues and some null pointer issues where Klocwork is too strong in this section. We used to check these issues most often, and Klocwork is the one which provides us this clear way.
How has it helped my organization?
We are very concerned about these issues for some of the critical projects which are very important for us. Using Klocwork, we have cleared all these issues without much difficulty.
What is most valuable?
- Its vast checkers supportability
- Custom checker creation
- Industry standards supportability
- Support to a vast number of IDEs and so on.
What needs improvement?
Nothing much as of now. I feel Klocwork is going in a great way. The one thing I personally feel is that Klocwork must increase their support to some other languages.
For how long have I used the solution?
One to three years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Embedded Software Developer at a tech services company with 10,001+ employees
The tool has good support for static analysis
Pros and Cons
- "The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time."
- "We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability."
- "The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion."
What is our primary use case?
We are using Klocwork to perform static code analysis of our solutions towards an embedded project. The project is built on an RTOS, and the relevant middleware and applications are developed in C++.
How has it helped my organization?
The tool helps the team to think beforehand about corner cases or potential bugs that might arise in real-time. This, in turn, increases the efficiency of the project as well as the team.
What is most valuable?
We like using the static analysis and code refactoring, which are very valuable because of our requirements to meet safety critical levels and reliability.
What needs improvement?
The way to define the rules is too complex. The definition/rules for static analysis could be automated according to various SILs, so as to avoid confusion.
It should be semi-flexible. However, this may be due to my limited experience.
For how long have I used the solution?
Less than one year.
How is customer service and technical support?
The tool has good support for static analysis.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Klocwork Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Application Security Tools Static Application Security Testing (SAST) Static Code AnalysisPopular Comparisons
SonarQube Server (formerly SonarQube)
Veracode
GitLab
Checkmarx One
Snyk
Fortify on Demand
Qualys Web Application Scanning
CodeSonar
Polyspace Code Prover
Buyer's Guide
Download our free Klocwork Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- If you had to both encrypt and compress data during transmission, which would you do first and why?
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the Top 5 cybersecurity trends in 2022?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- Which application security solutions include both vulnerability scans and quality checks?
- We're evaluating Tripwire, what else should we consider?
- Is SonarQube the best tool for static analysis?
- Why Do I Need Application Security Software?
- Which Email Security enterprise solution would you choose: Cisco Secure Email vs Forcepoint Email Security vs Barracuda Email Security Gateway?
- SAST vs. DAST: Which is better for application security testing?