...
...
...
maxLevel | 5 |
---|---|
absoluteUrl | true |
What’s Kiuwan
...
...
Info |
---|
From the Security point of view, Kiuwan enforces a rigorous approach in the detection of Security Vulnerabilities. We strive to meet the most stringent requirements and our compliance reports meet all well known security market standards:
Please visit FAQs - Security Standards supported by Kiuwan for further info |
Kiuwan offers not only functionality focusing on Security, but also a suite of features that allows you to build a Software Analytics collaborative environment customized for the needs of your company, your development teams and your providers
How Kiuwan can help me
Companies of different sizes, maturities and industries need to develop software to support their business. Some companies develop their software themselves and some use external providers to help them develop and maintain their business applications. There are companies that just have a few applications and others that have hundreds or even thousands. Some rely on 1 or 2 technologies and languages only and others that have been adapting their technology stack over time and use several different languages and technologies.
No matter the case, all have the same needs with different levels of complexity:
...
...
...
...
...
...
...
...
...
In most cases, these companies do not have the people and infrastructure needed to automate Security and Quality Assurance, Control and Certification Management for all developed software, or cannot afford hiring an "on site" continuous certification service for the development process.
Info |
---|
Kiuwan is the answer to all these companies. Kiuwan can address all the above needs regardless of the size and the level of complexity of the development processes. |
Beyond these corporate needs, Kiuwan is designed to meet the needs of all the roles involved in any company's Software Development Process. Again, no matter the size, complexity or color of the company, Kiuwan has the right information to the right stakeholder in the IT department.
Find yourself below and see how Kiuwan can help you:
- CIOs (Chief Information Officers) who need to make strategic decisions to improve software development.
- CSOs (Chief Security Officers) who need to tackle security from the application perspective.
- QA Managers and Engineers who need to control and monitor the quality state of applications under development.
- Project Managers, who need to know the health of the projects they manage from a technical perspective.
- Application Architects, who can discover structural flaws early in the development process.
- Operations, that need to know the level of quality and security of the application they have in production.
- DevOps, if companies are taking that transformation path Kiuwan is an essential tool for the people who make it happen.
- Integration and Deployment Managers, who need to make sure the structural and technical health of the applications they are moving in their respective pipelines is what is expected in the next environment.
- Developers, who want to develop the best software possible and learn as much as possible in the process.
Kiuwan SaaS platform
Info |
---|
Kiuwan is a SaaS cloud platform, 24x7 fault-tolerant infrastructure (AWS). It is built on a hybrid cloud architecture and a distributed analysis engine, offering you the best of both approaches (cloud and on-premise). |
There's no need to deploy any local infrastructure, Kiuwan can do the SAST software analysis for you. All you need to do is signup, and start using Kiuwan.
Nevertheless, you can leverage your own infrastructure and service. Kiuwan offers an on-premise distributed analysis engine (KLA - Kiuwan Local Analyzer) that you can freely instantiate as many times as you need, allowing your company to integrate and embed it into existing infrastructure.
This hybrid cloud architecture lets you fully integrate Kiuwan SAAS with client-side infrastructure and operations such as Continuous Integration, Deployment and Development systems, limiting all the communications between your side and Kiuwan to the analysis results and via the most advanced security protection mechanisms.
Local Analysis - Kiuwan Local Analyzer (KLA)
Whatever may be the reason (source code privacy, leverage existing computing resources or integrate analysis within you infrastructure), you may want to analyze locally.
Info |
---|
Kiuwan Local Analyzer (KLA) is the distributed analysis engine that allows to you to execute Kiuwan analyses locally. |
With Kiuwan Local Analyzer, you can perform analyses without the source code leaving your premises. It analyzes the source code and uploads (encrypted and through HTTPS) the results (containing the defects found, the number of the line containing the defects, and optionally, the source code of the lines found to be defective) to Kiuwan.
The KLA is adaptable to each organization’s network settings and can be easily configured to work with a proxy server, or an implemented corporate authentication service, such as LDAP.
With KLA:
...
...
...
Info |
---|
Kiwuan Local Analyzer provides the basis for external system integration (CI systems, SAP servers, etc) as well as to execute analyses in your development IDE. Please visit Developers - Integrations for further help on how to integrate with Jenkins, Team Foundation Server, IBM UrbanCode Deploy, Cloudbees, Bluemix DevOps, TeamCity, etc. Also, you can visit Kiuwan for Developers if you need to use Kiuwan from within your IDE.
Please visit Kiuwan Local Analyzer Deprecated for further info. |
How Kiuwan works
...
...
...
...
Please visit Kiuwan Supported Technologies
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Beyond the specific analysis information provided at the analysis moment, Kiuwan provides a collaborative environment that lets you to explore all the gathered information
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
Kiuwan products
Kiuwan Saas has been designed to suit your needs and provides you with a full suite of solutions that leverage your existing source code to build up a comprehensive Security and Software Analytics environment.
Info | ||
---|---|---|
| ||
At Kiuwan we firmly believe that “the truth is in the source code”. As you could read in this paper, you will see that all Kiuwan functionalities are based on an in-depth analysis of your source code. |
Depending on your needs, Kiuwan provides solutions to analyze your code, manage your applications portfolio and expand to development staff.
Analyze your code
Kiuwan Code Security
Kiuwan Code Security enforces a rigorous approach in the detection of Security Vulnerabilities.
We strive to meet the most stringent requirements and our compliance reports meet well-known market standards (OWASP, CWE, MISRA, NIST, PCI, and CERT among others). Integrate Kiuwan Code Security in your development process and increase the overall security of your applications while reducing risk and cost thanks to early detection and correction of newly introduced vulnerabilities. Your developers and security managers will have at their fingertips details of security vulnerabilities and remediation progress.
Kiuwan Code Analysis
Kiuwan Code Analysis offers unparalleled scope in the detection of quality defects, smoothly integrating within continuous development processes.
Identify code defects and manage your remediation effort with blazingly fast speed in a collaborative and decentralized environment. Your developers and project managers will have all the information they need to continuously improve applications.
Kiuwan Architecture
Kiuwan Architecture offers a revolutionary approach to Application Inventory Management, letting you detect and surfaces the components and dependencies in your applications, giving you the ability to truly understand your architecture and applications’ structure.
Manage your applications portfolio
Kiuwan Life Cycle
Kiuwan Life Cycle lets you sensibly reduce development time, testing and integration effort during your software development life cycle by establishing baselines and analyzing deliveries and change requests, letting you to define and apply automatic audits to make sure every delivery is not going to make your application worse.
Kiuwan Governance
Kiuwan Governance helps you to make informed decisions based on the objective information gathered by Code Security and Code Analysis. Group your applications in portfolios that are meaningful for your business and consume aggregated information by the perspectives they provide. Manage the different types of risk you face in the different perspectives, create rankings to prioritize efforts and much more. Help decision-makers focus on that, make decisions, without the complicated technical details.
Expand to your daily tasks
Kiuwan for Developers
Kiuwan for Developers is a plug-in available for Eclipse and IBM RAD IDEs that will check code against Security and Quality issues at the earliest stage, i.e. as you type your code. Define your Security and Quality thresholds and spread the check over the developers’ workbench. That way, you will be sure that no “bad” code arrives at production or integration environments without having been properly fixed at the developer desk.
Kiuwan Code Review
(old) Kiuwan Code Review is a Kiuwan version especially suited to GitHub collaborative environment. If you are using this environment, you can benefit of Kiuwan by seamlessly analyze (automatically or on-demand) your GitHub repositories.
How can I start to work with Kiuwan
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
...
From there, the sky is the limit.
...