Kiuwan is useful because it provides functions related to secure code review, source code review, detection of security vulnerabilities, and development of proper input validations to get proper output and coding to see if all the systems in our environment are properly used. Some SQL queries are written at the back end or at the server-side code, and the tool helps to check how they have been written. The tool helps us find if there is an issue, like whether an SQL injection attack has occurred in some SQL queries or not, meaning it helps deal with OWASP Top 10 vulnerabilities and some other vulnerabilities that a user can find through source code review. The tool also helps protect sensitive data, including passwords or encryption keys.
I am utilizing Kiuwan for quick and efficient scans, specifically static scanning for web applications. This includes checking the application's code base and dependencies, known as SaaS scans. In the first quarter, there is a "code-based security and insight" tab where we can review the application's code for any vulnerabilities arising from dependencies. We then analyze these vulnerabilities and provide solutions for mitigating them.
We use the solution for in-house development. In one of the cases, we use it for some applications that we need to create something from scratch. What we are considering more than anything else is maybe its quality of performance. We are looking for security vulnerabilities. I'm an Information Security Officer and that's why we are looking for vulnerabilities more than the quality of the code or the performance, however, it's great that it gives more detailed information about performance and the quality of the code. I'm actually looking to try another technology, to see if there's something we can do around static tests.
Information Security Specialist at a tech company with 51-200 employees
Real User
2021-05-06T07:57:06Z
May 6, 2021
I'm currently working at a FinTech company, and we normally use Kiuwan for code analysis. This helps us ensure that our product complies with proper codes.
Test Engineer at a tech company with 501-1,000 employees
Real User
2020-11-19T16:01:57Z
Nov 19, 2020
We analyze all the portfolio of applications from the customer. The customer is within the government of Spain. We analyze all their applications. On the portfolio of publications, we run analyses from all the applications.
Our primary use case is to focus on and discover the vulnerabilities in our code, to clean the code and to make it safer and more secure for our customers. We are a customer of Kiuwan and sell it to our customers. We employ an analyzer for our coding.
Software Architect at Digital Solution Foundry (Pty) Ltd
Real User
2019-09-05T05:37:00Z
Sep 5, 2019
We are a solution provider, and we are using this solution with one of our clients. The primary use case for this solution is security and vulnerability testing. We are currently integrating this solution into our software development process. We have a public cloud deployment.
Software analytics technology with a breadth of third party integrations that takes into account the wealth of applications your teams are currently using.
We facilitate and encourage work between unlocalized teams. We understand the complexity of working on multi technology environments, constantly striving to increase the number of programming languages and technologies we support.
Kiuwan is useful because it provides functions related to secure code review, source code review, detection of security vulnerabilities, and development of proper input validations to get proper output and coding to see if all the systems in our environment are properly used. Some SQL queries are written at the back end or at the server-side code, and the tool helps to check how they have been written. The tool helps us find if there is an issue, like whether an SQL injection attack has occurred in some SQL queries or not, meaning it helps deal with OWASP Top 10 vulnerabilities and some other vulnerabilities that a user can find through source code review. The tool also helps protect sensitive data, including passwords or encryption keys.
I develop use cases to enhance code quality, and in the event of code vulnerabilities, I guide the team on how to address and rectify them.
I am utilizing Kiuwan for quick and efficient scans, specifically static scanning for web applications. This includes checking the application's code base and dependencies, known as SaaS scans. In the first quarter, there is a "code-based security and insight" tab where we can review the application's code for any vulnerabilities arising from dependencies. We then analyze these vulnerabilities and provide solutions for mitigating them.
Our company produces a financial application, and we use Kiuwan for vulnerability testing. Kiuwan scans our code to detect some security issues.
We use the solution for in-house development. In one of the cases, we use it for some applications that we need to create something from scratch. What we are considering more than anything else is maybe its quality of performance. We are looking for security vulnerabilities. I'm an Information Security Officer and that's why we are looking for vulnerabilities more than the quality of the code or the performance, however, it's great that it gives more detailed information about performance and the quality of the code. I'm actually looking to try another technology, to see if there's something we can do around static tests.
I'm currently working at a FinTech company, and we normally use Kiuwan for code analysis. This helps us ensure that our product complies with proper codes.
We analyze all the portfolio of applications from the customer. The customer is within the government of Spain. We analyze all their applications. On the portfolio of publications, we run analyses from all the applications.
Our primary use case is to focus on and discover the vulnerabilities in our code, to clean the code and to make it safer and more secure for our customers. We are a customer of Kiuwan and sell it to our customers. We employ an analyzer for our coding.
We are a solution provider, and we are using this solution with one of our clients. The primary use case for this solution is security and vulnerability testing. We are currently integrating this solution into our software development process. We have a public cloud deployment.
We have just recently adopted this solution to use for our code security. We are still new to using these kinds of tools.
I use the solution for daily software development in our company.