What’s Kiuwan


Kiuwan is the Optimyth cloud solution platform for Application Security and Enterprise Software Analytics.


From the Security point of view, Kiuwan enforces a rigorous approach in the detection of Security Vulnerabilities.

We strive to meet the most stringent requirements and our compliance reports meet all well known security market standards (OWASP, CWE, MISRA, NIST, PCI, and CERT among others).

Please visit FAQs - Security Standards supported by Kiuwan for further info


Complementing this Security focus, Kiuwan offers a suite of products that allows you build from the ground up the Software Analytics collaborative environment your company, your development teams and your providers need.



How Kiuwan can help me

Companies of all shapes, size and color need to develop software to support their business. Some companies develop their software themselves and some others use external providers to help them develop and maintain their business applications. There are companies that just have a few applications and others that have hundreds even thousands. Some rely in 1 or 2 technologies and languages only and others that have been adapting their technology stack over time and use several different languages and technologies.

No matter what the case is, all have the same needs with different levels of complexity, mostly depending on the size:

In most cases, these companies do not have the people and infrastructure needed to automate Security and Quality Assurance, Control and Certification Management for all developed software. Or cannot afford hiring an "on site" continuous certification service for their software.

Kiuwan is the answer for all these companies. Kiuwan can address all the above needs regardless of the size and the level of complexity of their development processes.


Beyond these corporate needs,  Kiuwan is designed to meet the needs of all the roles involved in any company Software Development Process. Again, no matter the size, complexity or color of the company,  Kiuwan has the right information to the right stakeholder in the IT department.  

Find yourself below and see how Kiuwan can help you:


How Kiuwan works


Kiuwan platform is built on a hybrid cloud architecture and a distributed analysis engine, offering you the best of both approaches (cloud and on-premise).

Kiuwan is a SAAS cloud-based platform, 24x7 fault-tolerant infrastructure (AWS).

There's no need to deploy any local infraestructure, Kiuwan will do all the work for you since the very first moment. All you need to do is signup, and start using Kiuwan.

Nevertheless, you can leverage your own infrastructure and service. Kiuwan offers am on-premise distributed analysis engine (KLA - Kiuwan Local Analyzer) that you can freely instantiate as many times as you need, allowing to integrate and embed it into you existing infrastructure.

This hybrid could architecture lets you fully integrate Kiuwan SAAS with client-side infrastructure and operations such as Continuous Integration, Deployment and Development systems, keeping all the communications between your side and Kiuwan with the most advanced security protection mechanisms.












Kiuwan products

Whatever be you role(s) is, Kiuwan will help you.

It’s been designed to suite your needs and provides you with a full suite of products that leverage you existing source code to build up a comprehensive Security and Software Analytics environment.

At Kiuwan we firmly believe that “the truth is in the source code”. As you could read in this paper, you will see that all Kiuwan functionalities are based on an in-deep analysis of your source code.


Depending on your role, Kiuwan provides a solution to analyze your code, manage your applications portfolio and let you expand to development staff.




Analyze your code

Kiuwan Code Security 

Kiuwan Code Security enforces a rigorous approach in the detection of Security Vulnerabilities.

We strive to meet the most stringent requirements and our compliance reports meet all well known market standards (OWASP, CWE, MISRA, NIST, PCI, and CERT among others). Integrate Kiuwan Code Security in your development process and increase the overall security of your applications while reducing risk and cost thanks to early detection and correction of newly introduced vulnerabilities. Your developers and security managers will have at a finger print all the details of security vulnerabilities and remediation progress.


Kiuwan Code Analysis

Kiuwan Code Analysis offers unparalleled scope in the detection of quality defects, smoothly integrating within continuous development processes.

Identify code defects and manage your remediation effort with blazingly fast speed in a collaborative and unlocalized environment. Your developers and project managers will have all the information they need to continuously improve applications.

Kiuwan Architecture

Kiuwan Architecture offers a revolutionary approach to Application Inventory Management, letting you to detect and surfaces the components and dependencies in your applications, giving you the ability to truly understand your architecture and applications’ structure.


Manage your applications portfolio

Kiuwan Life Cycle

Kiuwan Life Cycle lets you sensibly reduce development time, testing and integration effort during  your software development life cycle by establishing baselines and analyzing deliveries and change requests, letting you to define and apply automatic audits to make sure every delivery is not going to make your application worse.

Kiuwan Governance

Kiuwan Governance helps you to make informed decisions based on the objective information gathered by Code Security and Code Analysis. Group your applications in portfolios that are meaningful for your business and consume aggregated information by the perspectives they provide. Manage the different types of risk you face in the different perspectives, create rankings to prioritize efforts and much more. Help decision makers focus on that, make decisions, without the complicated technical details.


Expand to your daily tasks

Kiuwan for Developers

Kiuwan for Developers is a plug-in available for Eclipse and IBM RAD IDEs that will check code against Security and Quality issues at the earliest stage, i.e. as you type your code. Define your Security and Quality thresholds and spread the check over the developers’ workbench. That way, you will be sure that no “bad” code arrives to production or integration environments without have been properly fixed at the developer desk.

Kiuwan Code Review

Kiuwan Code Review is a Kiuwan version specially suited to GitHub collaborative environment.  If you are using this environment, you can benefit of Kiuwan by seamlessly analyze (automatically or on-demand) your GitHub repositories.


How Kiuwan works


Kiuwan gathers evidence form application's source code using home grown original Kiuwan static analyzers.


Based on this evidence, Kiuwan calculate and presents relevant Software Analytics metrics to help different stakeholder in the SDLC, make informed decisions and manage all kinds of aspects of the process with the common goal of continuously improve software and processes.

Kiuwan support Static Analysis for more than 20 technologies and basically does the following:


Beyond the specific analysis information provided at the analysis moment, Kiuwan provides a collaborative environment that let to explore all the gathered information:


How do you start to work with Kiuwan

In order to use Kiuwan, you must have a Kiuwan Account. If you do not have yet, register for a Kiuwan trial account

Once you have a Kiuwan account, you have access to the Kiuwan collaborative environment in the cloud, and you can start analyzing your applications to generate the Software Analytics for your application portfolio.

The user experience helps us to make its operation extremely intuitive and simple:


From there, the sky is the limit.