TechValidate Customer Research Library / Perforce Software

TechValidate Research on Klocwork

These pages present data that TechValidate has sourced via direct research with verified customers and users of Klocwork. TechValidate stands behind the authenticity of all published data. Learn more »



545 Data Points Collected

13 Published TechFacts

6 Published Charts

4 Published Case Studies



Selected Research Highlights


Klocwork Case Study

Federal Government Agency

Introduction

This case study of a federal government is based on a March 2021 survey of Klocwork customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

Share

Embed

Download

“We have been using the Klocwork tool for the last 10 years and have found it to be a very useful tool as a static code analysis tool.

“Working with certified tools increases trust in the tool execution results.”

Challenges

Tools evaluated or used prior to selecting Perforce SAST Tools:

  • Parasoft

Use Case

Agreed that for static code analysis tools, key features include:

  • The ease of setting up and running static code analysis
  • Integration into CI/CD systems
  • Differential analysis for speed and efficiency
  • The ability to support huge codebases
  • Support for all coding languages that we use
  • No need to pre-process code prior to scanning

Importance of the following:

  • Have a consistent pricing model from your Static Application Security Testing (SAST) tool vendor: very Important
  • Have a SAST tool that can be executed via flexible deployment options (Desktop/IDE/CI/Cloud/Containers): important
  • Have customizable quality reports and analysis: important
  • Get accurate and clean of noise reports: important

Said that audit and/or stakeholder-ready scan results help to speed up release cycles and time to market faster.

They are not comfortable with sharing and uploading their source code to an SAST tool vendor cloud.

Security and safety coding standards coverage most important for them:

  • CERT
  • JSF AV C++

Enterprise console and reporting framework capabilities they value the most:

  • Control access permissions and approval workflows
  • Prioritize defects based on severity, location, and lifecycle

Results

Features of Klocwork compared to other tools that used or evaluated:

  • Ability to scale to projects of any size: superior
  • Wide range of developer tools: better
  • Continuous compliance: superior
  • Ease of automation: superior
  • Differential analysis: superior
  • Flexible deployment options: superior

Organization Profile

The organization featured in this case study asked to have its name publicly blinded because publicly endorsing vendors is against their policies.

TechValidate stands behind the authenticity of this data.

Organization Size:
Federal

Industry:
Government

About Klocwork

We believe in the power of teamwork. And that our development tools should empower the diverse teams that use them by enhancing collaboration, control, quality, speed, scale, and freedom.

Learn More:

Perforce Software

Source: TechValidate survey of a Federal Government
Validated
  Published: May. 12, 2021   TVID: 498-333-D23

Klocwork Customer Research

Which of the following enterprise console and reporting framework capabilities do you value the most?

Prioritize defects based on severity, location, and lifecycle
76%
Distinguish new issues from legacy code issues
72%
View trending and metrics data for project quality and compliance
61%
Compliance and security reports
54%
Defining global or project-specific QA and security objectives and rule configurations
54%
Control access permissions and approval workflows
28%
Push backlog issues to Change Control systems
20%
Source: TechValidate survey of 54 users of Klocwork
Validated
  Published: May. 26, 2021   TVID: 7A0-1A6-AAA

Klocwork Customer Statistic

More than 60% of surveyed organizations evaluated or used SonarSource/SonarQube prior to selecting Klocwork.

63%
Source: TechValidate survey of 46 users of Klocwork
Validated
  Published: Apr. 28, 2021   TVID: AA0-6FE-100

Klocwork Case Study

Schneider Electric

Introduction

This case study of Schneider Electric is based on an April 2021 survey of Klocwork customers by TechValidate, a 3rd-party research service.

Share

Embed

Download

“Good tool to enable continuous integration and quality.”

“Working with certified tools increases trust in the tool execution results.”

Competition Prior to Choosing Klocwork

Tools evaluated or used prior to selecting Perforce SAST Tools:

  • Coverity (Synopsis)
  • Parasoft
  • SonarSource/SonarQube
  • Fortify

Industry Feedback

For static code analysis tools, key features include:

  • The ease of setting up and running static code analysis: strongly agree
  • Integration into CI/CD systems: agree
  • Differential analysis for speed and efficiency: disagree
  • The ability to support huge codebases: disagree
  • Support for all coding languages that we use: neither agree nor disagree
  • No need to pre-process code prior to scanning: strongly agree

Importance of the following:

  • Have a consistent pricing model from your Static Application Security Testing (SAST) tool vendor: important
  • Have a SAST tool that can be executed via flexible deployment options (Desktop/IDE/CI/Cloud/Containers): critical
  • Have customizable quality reports and analysis: very Important
  • Get accurate and clean of noise reports: critical

Said that audit and/or stakeholder-ready scan results help to speed up release cycles and time to market significantly faster.

They are comfortable with sharing and uploading their source code to a SAST tool vendor cloud.

Security and safety coding standards coverage most important for them:

  • OWASP
  • CERT
  • CWE Top25
  • MISRA,
  • JSF AV C++

Enterprise console and reporting framework capabilities they value the most:

  • Defining global or project-specific QA and security objectives and rule configurations
  • View trending and metrics data for project quality and compliance
  • Compliance and security reports
  • Prioritize defects based on severity, location, and lifecycle
  • Distinguish new issues from legacy code issues

Results

Features of Klocwork compared to other tools that used or evaluated:

  • Continuous compliance: superior
  • Ease of automation: best-in-class
  • Differential analysis: superior
  • Flexible deployment options: superior

Company Profile

Company:
Schneider Electric

Company Size:
Global 500

Industry:
Electronics

About Klocwork

We believe in the power of teamwork. And that our development tools should empower the diverse teams that use them by enhancing collaboration, control, quality, speed, scale, and freedom.

Learn More:

Perforce Software

Source: Alain Salmetoz, Software Discipline Leader, Schneider Electric
Validated
  Published: May. 12, 2021   TVID: 938-919-350

Klocwork Customer Statistic

60% of surveyed organizations agree that differential analysis for speed and efficiency is a key feature for static code analysis tools.

60%
Source: TechValidate survey of 57 users of Klocwork
Validated
  Published: Apr. 14, 2021   TVID: F84-56F-2DB

Klocwork Customer Research

Which vendors did you evaluate or replace prior to selecting Perforce SAST Tools?

Which vendors did you evaluate or replace prior to selecting Perforce SAST Tools?

SonarSource/SonarQube
63%
Coverity (Synopsis)
48%
Parasoft
33%
Fortify
30%
Source: TechValidate survey of 46 users of Klocwork
Validated
  Published: May. 26, 2021   TVID: 2E0-201-D77


More to Explore

All TechFacts (13)

All Research Charts (6)

All Case Studies (4)


About Klocwork

Built for enterprise DevOps and DevSecOps, Klocwork scales to projects of any size, integrates with large complex environments, a wide range of developer tools, and provides control, collaboration, and reporting for the entire enterprise. This has made Klocwork the preferred static analyzer that keeps development velocity high while enforcing continuous compliance for security and quality.

Klocwork Website   Perforce Software Website



© Copyright 2024 SurveyMonkey. All marks used on this site are the property of their respective owners. Privacy Policy Terms of Use