Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Table of Contents


What is Kiuwan?



Kiuwan is a cloud-based solution platform for Application Security and Enterprise Software Analytics.

Kiuwan can address all the following needs regardless of the size and the level of complexity of the development processes:

  • Early detection of Security Vulnerabilities, before deployment, and fix them as soon as possible
  • Reduction of issues —bugs— of the technical requirements of the

    solutions help teams of all sizes meet their objectives:  

    • Detect security vulnerabilities as early as possible in the development life cycle
    • Reduce issues —bugs— in the technical aspects of applications: performance, efficiency, etc.
    • Proper cost managementManage costs associated with development and maintenance, whether it’s by themselves from internal or external resources,
    • Align developed applications with business goals and missions
    • Increase the productivity of the projects, orteam productivity 
    • Gain greater control —governance— of application development or maintenance outsourcing.

    Kiuwan gathers evidence from the an application's source code using Kiuwan static analyzers,  supporting which support more than 30 different technologies



    How Kiuwan works


    Kiuwan calculates and presents relevant Software Analytics metrics to help stakeholders make informed decisions and continuously improve the software and SDLC processes.

    • Source code static analysis, either locally —through through a downloadable agent— agent or in the cloud —uploading , uploading the code to Kiuwan site—site
    • In-depth detection of Security Vulnerabilitiessecurity vulnerabilities, providing detailed reports on where the vulnerabilities appear, their correlation to Security security standards, providing remediation clues and assessing remediation progress.
    • Quality Defectsdefects detection that affects important software characteristics: Reliabilityreliability, Efficiencyefficiency, Maintainabilitymaintainability, and Portabilityportability
    • Calculation of Software Metricssoftware metrics —number of violations, complexity, design, code size...—.
    • Detection of Duplicate Codeduplicate code.
    • Calculation of Global Software global software Indicators, necessary for the governance and management of the software applications portfolio —Risk , including risk associated with the structural Security security and Quality quality of the code, Global global Indicator and software characteristics indicators, Effort effort to target, Technical and technical debt .


    All results are available in your Kiuwan account through Dashboardsdashboards (with powerful Filtersfilters,  Aggregated aggregated and Historical Viewshistorical views,  etc)

    You can also extract results to consume elsewhere through Kiuwan's REST API.

    Reports generation at all levels and in different formats (PDF, CSV, etc.), with the ability to create your custom Reportscreate custom reports with a custom level of details depending on your specific needs

    A complete set of tools to fully customize Kiuwan to your needs:

    • Create and manage different software models to analyze your applications.
    • Generate and track action plans automatically.
    • Mute defects when needed and re-calculate analytics on the fly.
    • Create and manage different audits and apply them automatically to all deliveries in your application life cycle.
    • Group your applications in portfolios to give you relevant perspectives of your Software Analytics.
    • Generate rankings by perspective.
    • Cross different perspectives for several metrics and indicators to answer important questions about your application portfolio.
    • Etc.



    How do I start using Kiuwan? 



    If you do not have a Kiuwan account yet, request a demo from our sales team here

    If you already have an account, visit our User Guide or see below:

    In short: 

    Once you have a Kiuwan account, you have access to the Kiuwan collaborative environment in the cloud, and you can start analyzing your applications to generate the Software Analytics for your application portfolio.

    The user experience is extremely intuitive and simpleBelow is an outline of the basic steps to analyze your application:

    1. Create your first application.

    2. Decide how to analyze the code
      1. Locally, by downloading and installing the Kiuwan Local Analyzer on a local machine and sends the results to the server; or
      2. In the cloud, uploading the code of your application.

    3. Analyze your application
      1. Do not worry if there is a code of different technologies and languages, Kiuwan knows how to distinguish them.
      2. If you choose to analyze in the Kiuwan cloud, Kiuwan deletes the uploaded code to safeguard your privacy once the analysis is finished

    4. Work with the results in one of these ways:
      1. Using Use the Kiuwan Dashboards;
      2. Generating Generate PDF reports, either at an executive or detail level;
      3. Exporting Export the result data in Excel format; or
      4. Using Use the REST API to extract relevant information.

    5. Iterate and Refinerefine
      1. With the results and the list of recommendations, it would be normal that your development team wants will likely want to review and fix the code and analyze it again, to verify whether they have achieved the desired goals.
      2. You As a result, you can see , therefore, the evolution over time of your application's Software Analytics. This will let allows you "to refine " the Kiuwan default Software Model to your specific needs.

    6. Manage and Governgovern
      1. Kiuwan Governance allows you to group your applications in "portfolios" or logical groups, to obtain global indicators for the criteria you need —Technology— technology, Supplierssuppliers, functional units, etc. .. — to analyze their evolution in time or compare its results.

    7. Integrate the analysis in your Software Development Life Cycle
      1. To implement continuous analysis within other SDLC continuous processes (integration, deployment).
      • You can automate Kiuwan analyses for your application or deliveries of change requests during maintenance if you include Kiuwan Life Cycle functionality.


    Kiuwan Analysis Options



    Kiuwan Local Analyzer

    Kiuwan Local Analyzer (KLA) is the distributed analysis engine that allows you to execute Kiuwan analyses locally.

     With Kiuwan Local Analyzer, you can perform analyses without the source code leaving your premises.

    It analyzes the source code and uploads (encrypted and through HTTPS)  the results to Kiuwan.


    Kiuwan Cloud Analyzer

    You also have the option of uploading your source code (encrypted and through HTTPS to the cloud and analyzing it there.

    The results will show in Kiuwan, just like the KLA.


    Kiuwan On-Premises

    Kiuwan On-Premises is the on-premises version of Kiuwan SaaS, providing full Kiuwan functionalities but completely deployed on your own premises.

    It is an alternative to the cloud solution for those customers who prefer to maintain a private instance completely managed within their own infrastructure.

    It Kiuwan On-Premises can be installed on a single host or on multiple hosts (externalizing one, some or all of the provided infrastructure services).


    Developers - Integrations

    Kiuwan can integrate with the most popular IDEs and CI environments.


    Kiuwan Modules


    Image Added

    Kiuwan Code Security

    Kiuwan Code Security enforces a rigorous approach in the detection of Security Vulnerabilitiessecurity vulnerabilities.

    We strive to meet the most stringent requirements and our compliance reports meet support well-known market standards (OWASP, CWE, MISRA, NIST, PCI, and CERT among others). Integrate Kiuwan Code Security in your development process and increase the overall security of your applications while reducing risk and cost thanks to early detection and correction of newly introduced vulnerabilities. Your developers and security managers will have at their fingertips details of security vulnerabilities and remediation progress.


    Image Added

    Kiuwan Insights

    With Kiuwan Insights, you can identify and manage vulnerabilities, compliance, and operational risk that may arise from using open source components.

    Open source components are a significant and important part of commercial software today.

    Yet the use of these components introduces the risk of security vulnerabilities, as well as a need to ensure proper licensing and adherence to policies.



    Kiuwan Code Analysis

    Kiuwan Code Analysis offers unparalleled scope in the detection of quality defects, smoothly integrating within continuous development processes.

    Identify code defects and manage your remediation effort with blazingly fast speed in a collaborative and decentralized environment. Your developers and project managers will have all the information they need to continuously improve applications


    Kiuwan Governance

    Kiuwan Governance helps you to make informed decisions based on the objective information gathered by Code Security and Code Analysis.

    Group your applications in portfolios that are meaningful for your business and consume aggregated information by the perspectives they provide.

    Manage the different types of risk you face in the different perspectives, create rankings to prioritize efforts, and much more. Help decision-makers focus on that, make decisions, without the complicated technical details.


    Kiuwan Life Cycle

    Kiuwan Life Cycle lets Cycle helps you sensibly reduce development time, testing, and integration effort during your software development life cycle by establishing baselines and analyzing deliveries and change requests, letting . This empowers you to define and apply automatic audits to make sure every delivery is not going to make your application worseeach delivery meets your goals without introducing regressions.