CODE SECURITY (SAST)

Secure Your Code
At Every Stage.

Automatically scan your code to identify and remediate vulnerabilities. Compliant with the most stringent security standards, such as OWASP and CWE, Kiuwan Code Security – SAST covers all important languages and integrates directly with leading DevOps tools across the SDLC.

Kiuwan Static Application Security Testing
Z

Get Rapid Results

Set up in minutes. Scan locally and then share results in the cloud. Identify and remediate vulnerabilities in a blazingly fast, collaborative environment.

Z

Make Informed Decisions

Understand your risk with tailored reports based on industry-standard security ratings. Generate automatic action plans to remediate vulnerabilities and manage technical debt.

Z

Customize to your needs

Choose from a comprehensive set of coding rules to customize the importance of different vulnerabilities for your unique environment.

Website Pop-out Graphic@2x

YOU KNOW CODE, WE KNOW CODE SECURITY

Create an action plan to reduce your cyber security risks
SAST
1

Set your goals

Build an action plan based on your security goals and a “what if” simulation of different scenarios.

2

Monitor your progress

Use the Action Plan dashboard track progress toward your defined goals and avoid deviations.

3

Take action

Kiuwan suggests where to act and to what extent. Drill down to the line of code level, if needed!

Kiuwan gives your team the tools you need to succeed! Action plans are designed to help you identify issues that are pertinent based on your established rules and set milestones & a timeline for remediation. This ease of use empowers your team to manage resolving vulnerabilities in code without falling behind on deadlines.

Full Compliance With IT Security Standards

Kiuwan maintains the highest levels of compliance across the industry to ensure that your applications are developed with security at as a central focus.

OWASP
MISRA
CWE
PCI
CERT
NIST

Kiuwan SAST Can Identify

  • Uninitialized Variables
  • Application Misconfiguration
  • Credential/Session Prediction
  • Directory Indexing
  • Insufficient Authorization/Authentication
  • Automatic Reference Counting
  • Cross Site Request Forgery
  • Information Leakage
  • Insufficient Transport Layer Protection
  • Insufficient Binary Protection
  • Cross Site Scripting
  • Injection Attacks
  • Free Non-Heap Variable
  • Use After-Free
  • Double Free/Close
  • Format String Vulnerability
  • Return Pointer To Local
  • & More
Integrate With Your DevOps Environment

Security should be a central part of any development process, by integrating directly into your DevOps environment, your development team can create a true DevSecOps approach that bakes security into your application’s design.

Add application security to your IDE

Adopt a true “Shift Left” approach by integrating Code Security with your IDE. Kiuwan supports popular IDEs including Eclipse, Visual Studio, IntelliJ IDEA, Phpstorm, Pycharm and Webstorm. Developers can visualize and analyze vulnerabilities directly from their IDE, learning best coding practices with contextual remediation advice

kiuwan-ide-main

Kiuwan SAST Supports Integrations With:

Flexible Licensing To Fit Your Specific Needs

Kiuwan Modules

Make it a 360° solution with

Code Analysis
Code Analysis

Learn about defects in your code around characteristics such as maintainability, portability, efficiency and reliability

Life Cycle
Life Cycle

Audit your software deliveries made by external or internal providers, define checkpoints and compare modifications

Governance
Governance

Manage your application portfolio, understand your business risks and make predictive analysis for objective decision making