PERCEPTIVA

Do you know the security risk in your application portfolios, and are you able to make informed decisions?


360 APPLICATION ANALYSIS


 
 

Security should be a seamless part of DevOps. PERCEPTIVA enables a DevSecOps approach by silently adding security without the need to analyze on central servers, thanks to its distributed engine and the speed of its analysis.

Kiuwan is unique in allowing the possibility of scaling its engine to as many developers as needed, while granting them secure coding practices, and assuring security by design from the outset.

 

Code Security (SAST) 

Blazingly fast cyber threat remediation.

Automatically scan your code and identify vulnerabilities. Polyglot coverage of technologies and 3rd party integration.

 

 

Fast & collaborative: Identify and remediate cyber threats in a blazingly fast, collaborative environment, with seamless integration into your SDLC.

Executive overview: Kiuwan SAST offers tailored reports with industry standard security ratings for application security

Set it up: Configure the level of criticality of your applications. Enjoy one of the most comprehensive sets of coding rules.

 
 

Detect and eliminate vulnerabilities

  • Uninitialized Variables

  • Application Misconfiguration

  • Credential/Session Prediction

  • Directory Indexing

  • Insufficient Authorization / Authentication

  • Automatic Reference Counting

  • Cross Site Request Forgery

  • Information Leakage

  • Insufficient Transport Layer Protection

  • Insufficient Binary Protection

  • Cross Site Scripting

  • Injection Attacks

  • Interprocess Communication

  • OS Commanding

  • Insecure Cryptography

  • SQL injection

  • Cryptographic Related Attacks

  • Buffer Overrun

  • Free Non-Heap Variable

  • Use-After-Free

  • Double Free/Close

  • Format String Vulnerability

  • Return Pointer To Local

  • These are just a few examples.

 

Full compliance with security market standards

 

Among others!

  • Check the OWASP benchmark results below

  • Check the Kiuwan CWE declaration here

 
 

Action plans to reduce your risks


1. Set your goals

Determine the effort required by the development teams or the rating you want to achieve

2. Follow up

Check out the progress & accomplishment of your goals, and avoid deviations

3. Take action

Kiuwan suggests where to act and to what extent, down to the line-of-code level if needed!

 

 

Insights (SCA) - Manage risks from using Open Source components.

Insights guarantees the with a complete multi-technology solution that seamlessly integrates within the main SDLC tools.

Insights allows you to secure and manage any vulnerabilities, compliance and operational risk that may arise from using open source components.

Open source components are a significant and important part of commercial software today. By automating the process of managing these components, you ensure that your developments meet all your management needs: open source component detection, security vulnerabilities, license risk and compliance analysis, and policy enforcement.

 

Components inventory

Generate a complete and accurate inventory of all open source and third-party components used during builds or in applications.


Detect threats

Investigate the security risks involved with your open source components and address each of them.


Avoid obsolescence

Manage your libraries obsolescence: updates, versions and security issues. Get obsolescence alerts.

 

Eliminate time consuming

Eliminate the time-consuming and error-prone process of manually compiling the inventory to determine whether you are impacted by a new security vulnerability alert or to check for license issues.

Unveil security risk

Investigate the security risks involved with your open source components and address each of them as they apply to your application.

Isolate dependencies

Open source deployments often include a lot of unused features that cause dependency issues. Kiuwan code quality analysis helps identify unused code and remove it, further reducing the risk of running into dependency problems.

 
 

Kiuwan Insights is continuously updated with new vulnerabilities from NIST’s database, alongside our own knowledge base and research by security experts.

 
 

What you will find

 

Security risks: When Kiuwan analyzes your application, it searches the NIST National Vulnerability Database for identified vulnerabilities in every external component. If Kiuwan finds any, it displays the details of the vulnerability and scores that component in a Security Risk indicator.

New vulnerabilities: If there are new vulnerabilities that affect some of the components of your app, those components will display those new vulnerabilities (marked as New) without the need to run a new analysis. This feature will keep your components inventory up-to-date.

 

Duplicated components: With Kiuwan Insights you can identify different versions of the same component used by your application.

Obsolescence: With Kiuwan Insights, you can explore the exact version of each component in use, so you can easily identify old versions of components.

Licensing information: Inspect the license type of every 3rd party component used in your application.

 
 

Code Analysis (QA) - Unparalleled scope in the detection of errors

Identify code defects & manage your remediation efforts

 
 

Blazingly fast analysis in a collaborative and unlocalized environment.


Action plans

Fixing defects has never been easier. Code Analysis automatically creates an action plan with the defects that need to be fixed in order to achieve the set goals.

 
 

Common Features

 
 

Support for all major programming languages

 

Widely integrated with your favorite tools

 

Fully integrated with your IDE

Kiuwan allows for a true shift-left approach by integrating with all the main IDEs.

We cover Eclipse, Visual Studio, IntelliJ IDEA, PhpStorm, PyCharm and WebStorm so developers can visualize and analyze directly from their IDE, learning best coding practices with contextual remediation advice.

 

Governance

Complete visibility of your entire application portfolio

Objective information to negotiate your SLAs

Measure external providers, understand their path from a unique vantage point.


Make informed decisions

Decision quadrants: Detect risky applications using different decision quadrants

Evolution: Predictive analytics of the evolution of your application portfolio.

Activity: Record the activity of your development teams and software vendors, both in application and maintenance projects or change requests.

 

Audit your software deliveries

Compare baseline modifications in order to detect new defects during the development process.

Define checkpoints and audits tailored to each type of project or change request.

Check control points continuously during the construction or maintenance phases to ensure that applications do not degrade over time after modifications.

 
 
