Published January 28, 2021
WRITTEN BY THE KIUWAN TEAM
Experienced developers, cyber-security experts, ALM consultants, DevOps gurus and some other dangerous species.
The Kiuwan team is excited to announce the availability of our latest release, with new features for both cloud and on premise customers.
Kiuwan is a fast, reliable and scalable Application Security and Enterprise Software Analytics solution. Kiuwan includes several tools for management and development that identify and guide remediation of security vulnerabilities in source code. These tools support the implementation of critical shift-left strategies that many companies desire today. Fluent in major programming languages and frameworks, Kiuwan allows extensions and customization for customer-specific needs and integrates with leading DevOps IDEs and tools, in an on-premise or SaaS model.
Support for custom components in Kiuwan Insights
As requested by our customers, Kiuwan Insights now supports custom artifacts, allowing the creation and maintenance of custom artifacts along with their associated licenses and vulnerabilities. This allows Kiuwan users to identify the use of custom artifacts stored in their own repositories and to track their use in their development, and signal during Insights analysis vulnerabilities added to the application, license issues, and obsolescence caused by the use of these custom components.
Custom components, licenses, and vulnerabilities can be added and modified both through the UI and the REST API. With this new functionality, customers will be able to have a complete view of the components used either public or private, avoiding the need to track custom components out of Kiuwan.
Engine tuning pack
The Kiuwan engine is able to perform source code analysis on a wide variety of programming languages. It parses source code into memory structures, and these structures are checked with rules to identify quality and security issues.
Each customer has their own way of using their languages and libraries, so we rely on continual feedback from our customers in order to continuously improve the quality and performance of our analysis to benefit customers. This engine tuning pack incorporates new cases and includes widely requested small enhancements.
- Add new detection rules or improve existing rules to find more security vulnerabilities in code
- Updates to reduce some of the false positives returned by the product
- Performance improvements
- Revisions to our security and protection rules for more accurate results
- Language parsing improvements for more language coverage
- Update language levels
Additional bug fixes and improvements
Documentation for this release is available in the product documentation repository.
For a full list of additional bug fixes and improvements, refer to our Change Log.
How to get the new release
The new release is available immediately to our Cloud customers. Access the new version via the customer portal.
Customers using the On-Premises version of Kiuwan should reach out to their account representative for an updated license key.
Would you like to know more Kiuwan solutions? Get in touch with our Kiuwan team! We love to talk about security.