You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 12 Next »

Frequently Asked Questions

 

General

Technical

How to

What is Kiuwan Code Security (SAST)?
Kiuwan Code Security is a SAST solution that scans your code to identify and remediate security vulnerabilities.

It complies with the most stringent security standards and covers all important programming languages. It is a cloud-based solution but offers the possibility of analyzing your source code locally.

Continuous subscriptions also include an IDE plugin to help developers work more efficiently.

Learn more about it on our here.

What is Kiuwan Insights? (SCA)
Kiuwan Insights is an application that scans your code to identify vulnerabilities in third-party and open-source components.

It also helps you ensure compliance with open source and copyleft licenses.

Learn more about it on our here.

Which security standards are supported by Kiuwan Code Security?
Kiuwan Code Security is an OWASP corporate member and is CWE certified.

It covers the following standards:

  • SANS 25
  • CERT-Java/C/C++
  • WASC
  • PCI-DSS
  • NIST
  • MISRA
  • BIZEC. 

...and the list is continuously growing!

Learn more about how Kiuwan Code Security performs on the OWASP Benchmark here

How does Kiuwan Code Security perform in the OWASP Benchmark?
The OWASP Benchmark is a test suite designed to evaluate the coverage and accuracy of automated vulnerability detection tools.

The chart below shows the performance of Kiuwan Code Security for the latest version of the OWASP Benchmark, as of November 2019. The results show that Kiuwan (at position K) detected 100% of true positives, correctly identifying all vulnerabilities present in the test application.

For more details about the OWASP Benchmark and Kiuwan Code Security, read our original blog post from 2017, or review our most recent results and run your own test

What are the requirements to use the Kiuwan Applications?
Kiuwan Code Security and Kiuwan Insights are cloud-based solutions, so to use the applications you only need Internet access to https://www.kiuwan.com and https://kiuwan.zendesk.com.

If you want to use the Kiuwan Local Analyzer you also need Java Runtime Environment installed on your computer. Read more about the requirements here: Installation Requirements for Kiuwan Local Analyzer

Does Kiuwan Code Security integrate with JIRA?
Defects found by Kiuwan Code Security and incorporated into an Action Plan can generate tasks automatically in JIRA, accelerating the step between the certification of an application and the remediation of the found issues.

Please visit Export an Action Plan for further information.

Can I use Kiuwan Code Security in Continuous Integration?
Developers and integrators can connect to Kiuwan Code Security by different means.

Please visit Developers - Integrations for a full list of possibilities. 

Error rendering macro 'excerpt-include'

No link could be created for 'What programming languages are supported?'.

 

 

 

 

  • No labels