Kiuwan Insights vs OpenText Static Application Security Testing comparison

Kiuwan and OpenText are both solutions in the Static Code Analysis category. Kiuwan is ranked #24, while OpenText is ranked #4 with an average rating of 7.4. Kiuwan holds a 1.6% mindshare in SCAS, compared to OpenText’s 5.5% mindshare. Additionally, 89% of OpenText users are willing to recommend the solution.

Kiuwan Insights

Read 2 Kiuwan Insights reviews

355 Views
355 Comparison Views

0% willing to recommend

OpenText Static Application...

Read 19 OpenText Static Application Security Testing reviews

4,348 Views
1,609 Comparison Views

89% willing to recommend

Kiuwan Insights

OpenText Static Application...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Mar 29, 2026

OpenText Static Application Security Testing and Kiuwan Insights are competitive products in the security testing solutions category. Kiuwan Insights currently has the upper hand due to its extensive feature set and integration capabilities, while OpenText provides better pricing and customer support.

Features: OpenText Static Application Security Testing is known for detecting vulnerabilities with precision and offers extensive reporting and analysis. Kiuwan Insights provides rich integration capabilities, in-depth analytics, and a wide range of supported frameworks, providing a comprehensive feature set that enhances its perceived value.

Ease of Deployment and Customer Service: OpenText Static Application Security Testing features a straightforward deployment process accompanied by reliable customer support that reassures users. Kiuwan Insights offers a flexible cloud-based deployment model and responsive service, providing ease in setting up and addressing customer needs efficiently.

Pricing and ROI: OpenText Static Application Security Testing is priced competitively, providing good ROI supported by extensive customer support. Kiuwan Insights, though higher in initial setup costs, delivers strong ROI owing to its powerful features, effectively justifying its investment through enhanced functionality and performance.

To learn more, read our detailed Kiuwan Insights vs. OpenText Static Application Security Testing Report (Updated: April 2026).

Buyer's Guide

Kiuwan Insights vs. OpenText Static Application Security Testing

April 2026

Download the complete report

Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Kiuwan Insights

Ranking in Static Code Analysis

24th

Average Rating

4.0

Reviews Sentiment

6.4

Number of Reviews

Ranking in other categories

No ranking in other categories

OpenText Static Application...

Ranking in Static Code Analysis

4th

Average Rating

8.2

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of May 2026, in the Static Code Analysis category, the mindshare of Kiuwan Insights is 1.6%, up from 0.5% compared to the previous year. The mindshare of OpenText Static Application Security Testing is 5.5%, down from 12.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Static Code Analysis Mindshare Distribution
Product	Mindshare (%)
OpenText Static Application Security Testing	5.5%
Kiuwan Insights	1.6%
Other	92.9%

Static Code Analysis

Featured Reviews

Felix Esteban

Head of Development and Consulting at Logalty

Protects problematic libraries; sorely lacking in customer services

Kiuwan lacks decent support, it's very bad. A couple of years ago an American company bought Kiuwan and support became non-existent. It's a big part of why we're looking to move to another product. We have questions regarding false positives and nobody responds to our tickets. They don't have any answers. If you're looking for a cheaper solution and don't require support, it might be okay, but a large end company that has a lot of questions about how the developers are programming will have trouble.

Read full review

Dristi Kurre

Lead Information Security Analyst at a financial services firm with 10,001+ employees

Focuses on detailed scans to find critical vulnerabilities while ensuring minimal false positives

I think Fortify Static Code Analyzer could be improved by updating the number of rule packs according to the latest vulnerabilities we find each year. We have updated to a version that is one less than the current latest version. It would be really helpful to include trending vulnerabilities and how to manage them. While it includes all the OWASP top factors, AI has come into the picture, so those updates should also be considered. I haven't thought much about additional features for improvement since I am using it daily. Most of our work revolves around scanning and providing the results, which sometimes feels like a crunch. However, I believe rule pack updates should be implemented. It feels easy to upgrade to the latest version as well.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Insights is valuable at protecting a problematic library and enabling you to reduce the number of false positives."

"I have found the interface to be perfect."

"Can help in reducing the number of false positives."

"You can really see what's happening after you've developed something."

"Integrating the Fortify Static Code Analyzer into our software development lifecycle was straightforward. It highlights important information beyond just syntax errors. It identifies issues like password credentials and access keys embedded in the code."

"I like the Fortify taxonomy as it provides us with a list of all of the vulnerabilities found, and Fortify releases updated rule packs quarterly, with accompanying documentation, that lets us know what new features are being released."

"The Software Security Center, which is often overlooked, stands out as the most effective feature."

"I like the Fortify taxonomy as it provides us with a list of all of the vulnerabilities found. Fortify release updated rule packs quarterly, with accompanying documentation, that lets us know what new features are being released."

"Its flexibility is most valuable; it is such a flexible tool that can be implemented in a number of ways, can do anything you want it to do, can be fully automated within a DevOps pipeline, and can also be used in an ad hoc, special test case scenario and anywhere in between."

"The reference provided for each issue is extremely helpful."

"The integration Subset core integration, using Jenkins is one of the good features."

More OpenText Static Application Security Testing pros

Cons

"The solution is great, but improvement is needed in the number of lines of code allowed, that is the capacity. Pricing can be improved as well."

"Kiuwan lacks decent support, it's very bad. A couple of years ago an American company bought Kiuwan and support became non-existent."

"The solution has issues detecting intrusive methods."

"The solution is great, but improvement is needed in the number of lines of code allowed, that is the capacity. Pricing can be improved as well."

"The pricing is a bit high."

"Streamlining the upgrade process and enhancing compatibility would make it easier for us to keep our security tools up-to-date."

"I know the areas that they are trying to improve on. They've been getting feedback for several years. There are two main points. The first thing is keeping current with static code languages. I know it is difficult because code languages pop up all the time or there are new variants, but it is something that Fortify needs to put a better focus on. They need to keep current with their language support. The second thing is a philosophical issue, and I don't know if they'll ever change it. They've done a decent job of putting tools in place to mitigate things, but static code analysis is inherently noisy. If you just take a tool out of the box and run a scan, you're going to get a lot of results back, and not all of those results are interesting or important, which is different for every organization. Currently, we get four to five errors on the side of tagging, and it notifies you of every tiny inconsistency. If the tool sees something that it doesn't know, it flags, which becomes work that has to be done afterward. Clients don't typically like it. There has got to be a way of prioritizing. There are a ton of filter options within Fortify, but the problem is that you've got to go through the crazy noisy scan once before you know which filters you need to put in place to get to the interesting stuff. I keep hearing from their product team that they're working on a way to do container or docker scanning. That's a huge market mover. A lot of people are interested in that right now, and it is relevant. That is definitely something that I'd love to see in the next version or two."

"Fortify Static Code Analyzer is a good solution, but sometimes we receive false positives."

"The troubleshooting capabilities of this solution could be improved. This would reduce the number of cases that users have to submit."

"The price can be improved."

"The generation of false positives should be reduced."

More OpenText Static Application Security Testing cons

Pricing and Cost Advice

"Pricing can be improved as well."

"The licensing is expensive and is in the 50K range."

"Although I am not responsible for the budget, Fortify SAST is expensive."

"The price of Fortify Static Code Analyzer could be reduced."

"It has a couple of license models. The one that we use most frequently is called their flexible deployment. We use this one because it is flexible and based on the number of code-contributing developers in the organization. It includes almost everything in the Fortify suite for one developer price. It gives access to not just the secure code analyzer (SCA) but also to FSC, the secure code. It gives us accessibility to scan central, which is the decentralized scanning farm. It also gives us access to the software security center, which is the vulnerability management platform."

"The setup costs and pricing for Fortify may vary depending on the organization's needs and requirements."

"From our standpoint, we are significantly better off with Fortify due to the favorable pricing we secured five years ago."

"I rate the pricing of Fortify Static Code Analyzer as a seven out of ten since it is a bit expensive."

"There is a licensing fee, and if you bring them to the company and you want them to do the installation and the implementation in the beginning, there is a separate cost. Similarly, if you want consultation or training, there is a separate cost. I see it as suitable only for enterprises. I do not see it suitable for a small business or individual use."

See which vendors are best for you

Use our free recommendation engine to learn which Static Code Analysis solutions are best for your needs.

See recommendations

893,221 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

No data available

Financial Services Firm

28%

Manufacturing Company

Computer Software Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

By reviewers
Company Size	Count
Small Business	4
Midsize Enterprise	3
Large Enterprise	11

Questions from the Community

Ask a question

Earn 20 points

What is your experience regarding pricing and costs for Fortify Static Code Analyzer?

My experience with the pricing, setup costs, and licensing has been good. We have the scan machines, and we are planning to request more from Micro Focus now. We have calls every month or every oth...

See all answers

What needs improvement with Fortify Static Code Analyzer?

See all answers

What is your primary use case for Fortify Static Code Analyzer?

Our main use cases for Fortify Static Code Analyzer typically involve trying to figure out the critical vulnerabilities. It depends on the type of scans that we are doing, whether it is a release s...

See all answers

Comparisons

Veracode vs Kiuwan Insights

Compared 42% of the time

Checkmarx One vs Kiuwan Insights

Compared 21% of the time

More Kiuwan Insights Competitors

Black Duck SCA vs OpenText Static Application Security Testing

Compared 12% of the time

Veracode vs OpenText Static Application Security Testing

Compared 9% of the time

Snyk vs OpenText Static Application Security Testing

Compared 8% of the time

Semgrep vs OpenText Static Application Security Testing

Compared 7% of the time

DeepSource vs OpenText Static Application Security Testing

Compared 4% of the time

More OpenText Static Application Security Testing Competitors

Product Reports

Buyer's Guide

Static Code Analysis

April 2026

Download Kiuwan Insights product report

Buyer's Guide

OpenText Static Application Security Testing

April 2026

OpenText Static Application Security Testing report

Download OpenText Static Application Security Testing product report

Also Known As

Insights SCA

Fortify Static Code Analysis SAST

Overview

Kiuwan Insights offers cutting-edge security solutions designed to meet the needs of a tech-savvy audience. It empowers organizations to manage vulnerabilities efficiently while ensuring robust protection of software applications.

Kiuwan Insights is a versatile tool that enables IT teams to enhance application security, understand vulnerabilities, and achieve airtight security results. Built with advanced reporting and analytics capabilities, it allows for seamless integration into existing workflows while facilitating real-time risk management and compliance monitoring.

What are the key features of Kiuwan Insights?

Vulnerability Detection: Identifies security gaps in code and recommends fixes.
Code Analysis: Delivers comprehensive insights into code quality and risks.
Integration Capability: Seamlessly integrates with CI/CD pipelines and development tools.
Compliance Management: Ensures adherence to industry standards and regulations.
Real-Time Reporting: Provides instant analysis and detailed reports for informed decision-making.

What ROI or benefits should users look for in reviews?

Increased Security: Improved protection against threats and minimized vulnerabilities.
Operational Efficiency: Streamlined processes leading to time and cost savings.
Regulatory Compliance: Ensures compliance with data security standards.
Enhanced Quality: Better software quality through detailed analysis and reporting.

Implementing Kiuwan Insights in industries such as finance and healthcare allows these sectors to prioritize security due to their sensitive data handling requirements. By adopting its solutions, companies in these industries can significantly forge a pathway to enhanced protection and quality assurance, mitigating risks through tailored security measures.

Kiuwan

OpenText Static Application Security Testing empowers teams with efficient vulnerability detection and streamlined secure coding practices, offering comprehensive language support and seamless integration with development tools.

OpenText Static Application Security Testing enhances software security during development by accurately identifying vulnerabilities with minimal false positives. It integrates seamlessly with IDEs and CI/CD pipelines, making it highly efficient for early detection of security issues. Users benefit from its easy setup, clear documentation, and centralized portal for managing security findings. Despite facing challenges like high costs and complex configurations for certain languages, its role in facilitating compliance and streamlining secure coding processes is indispensable. Improvements are needed in areas such as outdated design, language support, and integration capabilities to meet evolving user expectations.

What features does OpenText Static Application Security Testing offer?

Seamless IDE Integration: Integrates effortlessly with development environments for real-time feedback.
Comprehensive Language Support: Covers a wide range of programming languages, enhancing detection accuracy.
Centralized Security Portal: Provides a streamlined interface for managing vulnerabilities.

What benefits and ROI should users consider?

Enhanced Security: Identifies vulnerabilities early, preventing potential breaches.
Time Efficiency: Automates processes and speeds up remediation efforts.
Compliance Facilitation: Assists in adhering to security standards and regulations.

Organizations across diverse sectors implement OpenText Static Application Security Testing primarily to secure applications during development phases. Its integration with tools like GitLab, Jenkins, and Azure DevOps ensures a robust security pipeline. By combining with Sonatype Nexus, secure code, and library management is achieved effectively.

OpenText

Buyer's Guide

Kiuwan Insights vs. OpenText Static Application Security Testing

April 2026

Free Report: Kiuwan Insights vs. OpenText Static Application Security Testing

Find out what your peers are saying about Kiuwan Insights vs. OpenText Static Application Security Testing and other solutions. Updated: April 2026.

DOWNLOAD NOW

893,221 professionals have used our research since 2012.

See our Kiuwan Insights vs. OpenText Static Application Security Testing report.

See our list of best Static Code Analysis vendors.

We monitor all Static Code Analysis reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.